如何創造被鞏固的外型數據文件

張貼在2008年6月17日在5:21上午

憂慮 外型安全? 如果您得到某人可能讀您的電子郵件的惡夢,當您不是在那麼附近這個技巧是為您。  它可能是您的妻子、女主人或者喜歡擦試外型.pst文件為任何他們可能取笑的任意技術支持,或者更壞,敲詐您。

保持您的電子郵件秘密深深地掩藏在您的計算機, a 密碼被加密的外型數據文件 是什麼您需要。

第一,打開您的外型并且點擊 文件 菜單 > > 外型數據文件…

圖像

如果您使用外型2003年,并且在您之上將提示與讓您選擇的窗口什麼樣的辦公室外型文件您想要創造。  選擇默認類型利用新的特點像更多存儲容量。  如果您需要使用外型的一個更舊的版本打開這個文件夾像版本2002年和下面選擇另一個類型:

圖像

然後在 創造新的外型數據文件 窗口類型文件夾的名字,我在這種情況下鍵入了「secured.pst」 「.pst」是必需的文件擴展名的地方。

圖像

持續,投入在外型將出現文件夾的名字,保證選擇「可壓縮的加密」或「」加密您的文件夾的高加密,選擇a 強的密碼 (即。 應該是長的并且包括字符、數字和非阿爾法數字標誌)。  「除這個密碼之外在您的密碼名單」,不要檢查 否則您將讓能打開您的外型也是打開這個文件夾的人。

保存設置的點擊OK。

圖像

一旦您有被鞏固的文件夾出現在您的外型,移動所有您的敏感電子郵件向那個文件夾。

在您在外型時候想要打開這個文件夾它將請求您鍵入上述的密碼:

圖像

現在您有每次要求密碼您需要打開它的被鞏固的外型數據文件。 您能也創造規則移動所有敏感電子郵件向這個文件夾。  如果您要,您能創造超過一被鞏固的數據文件到組織的保留事。

停止讓擔心外型安全。  保留您的敏感電子郵件在一個被鞏固的被加密的文件夾!

如果您擔心keyloggers,檢查我的崗位 如何查出和繞過keyloggers.

本Carigtan 是一位新的貢獻者作家。  一位軟件工程師以超過7年技術經驗,他將是包括實用忠告和技巧為計算機用戶的文字文章。

如果您享受這個崗位,確定您 訂閱對我的RSS飼料!

」歸檔下 涼快的網站

相關崗位

10 Responses to “How to create secured Outlook data files”

  1. Graeme said on : June 17th, 2008 at 9:37 am

    PST “security” is an absolute joke. All you’re doing is giving a false sense of security with this article, a “secured” PST can be opened in seconds using a freeware tool at http://www.nirsoft.net/utils/pst_password.html.


  2. akishore said on : June 17th, 2008 at 11:11 am

    Graeme, I guess it’s better than nothing! Do you have any other ideas? Another idea I had for securing your Outlook file is to hide the actual folder where the PST is stored using a program like FolderHide.


  3. Ian Hunter said on : June 17th, 2008 at 12:40 pm

    Here’s a MUCH better way, assuming you log into Windows with your own account, rather than a shared account:

    Use Windows EFS to create an encrypted folder (go to My Documents, create a folder called “Encrypted” or something like that, right click it, select “Advanced” and select “Encrypt this folder”), then create an UNENCRYPTED PST file located in that directory. Now, when you log into Windows and open Outlook, the PST file is available, but if someone else logs into the machine or steals the hard drive, the PST file is scrambled.

    :)


  4. akishore said on : June 17th, 2008 at 2:38 pm

    Ian, that’s a really good idea! You can rest assured your email cannot be read by anyone else as long as they don’t have your password or access to your user account.


  5. ben said on : June 17th, 2008 at 9:46 pm

    As pointed out by Graeme, outlook passwords are easy to hack. Worse, there is no patch from Microsoft yet that could fix this problem within Outlook.

    Windows EFS could also be easily hacked if you can have the admin password, and there are a lot of write-ups on how to do this on the Net: http://internetbusinessdaily.n.....-password/
    Once you get the admin password, it’s easy to change all the passwords of each PC user. I am sharing computers and securing data on the OS level is a nightmare!

    This problem made me look out for an ever more stronger security solutions that will run BEFORE boot time so even when my laptop is stolen, I could be assured that my whole disk is protected (not only my Outlook files!). I use a product called checkpoint to do this and I am yet to find a hacking software for this product: http://www.checkpoint.com/prod.....index.html
    I configured my setup in such a way that even if they know the OS admin password, they can’t boot or change it without my pre-boot checkpoint password!

    Ofcourse, security doesn’t stop there… in computers there is always a way to hack around passwords!


  6. Ian Hunter said on : June 18th, 2008 at 8:05 am

    The attack described is not valid. If an administrator (authorized or not) changes a *local* user account password, it destroys the EFS key and the previously encrypted data is lost. Using EFS to house the PST file is a perfectly acceptable way to protect stored email messages, and is easy for a casual user to implement. There’s no need to complicate this with boot-time passwords or disk partition or such. Those things have their place (I use TrueCrypt for some things, I love it, and it’s free), but they’re not needed here. I’m all about using the easiest effective tool for a job.

    Here’s a detailed description of why that attack won’t work:

    (Reference this site: http://technet.microsoft.com/e.....y/bb457065(TechNet.10).aspx )

    Resetting Local Passwords on Windows XP

    Windows XP has new behavior regarding locally changed passwords and EFS. In Windows 2000, when a local user password was reset by an administrator, the administrator or third party could theoretically use the newly changed account to log on as the user and decrypt the encrypted files. In Windows XP, the changing of a local user password by an administrator, or through a method other than by the user, will block all access to previously encrypted files by the user.

    In summary, the profile and keys of the user will be lost and will not be available to the account with the reset password. Windows XP gives the following warning when attempting to reset a user account password:

    Warning Resetting this password might cause irreversible loss of information for this user account. For security reasons, Windows protects certain information by making it impossible to access if the user’s password is reset.

    This feature helps to guard against offline attacks and prevents rogue administrators from gaining access to encrypted files of other users.


  7. ben said on : June 18th, 2008 at 7:53 pm

    Ian, good point in pointing out the weakness of the attack.

    but there are many ways around this… if I can get the admin password then I can install rogue hacking softwares right?

    what if I have a rogue keylogger service running in a computer that can log all keystrokes? you can find implementations of this that sends logs to a hacker’s email in the background.

    I can easily install a keylogger by logging in as a rogue admin. The hacker will just wait until the password arrives to his inbox.

    even the strongest encryption passwords typed while the OS is running is always hacked. If the hacker gets the logs of keystrokes all of the OS level security like EFS is useless.


  8. Ian Hunter said on : June 19th, 2008 at 9:08 am

    Yes, or one could put a hardware based keylogger (here’s a good one: http://www.keyghost.com/) on there and read the password typed into before the OS loads. Depends on how far you want to take it. I’ll stick with EFS encrypted PSTs. :)


  9. ben said on : June 19th, 2008 at 8:56 pm

    Haha! the guys at University of California, Berkeley went as far as making an algorithm to listen to keyboard sounds to crack anything typed on the keyboard with a 10$ microphone!

    http://news.zdnet.com/2100-1009_22-5865318.html


    Pingbacks
  1. Keep Your Outlook Database Secure - Contact Management - Technology For Agents Says:

    [...] to your laptop or computer can simply open Outlook and see your database in it’s full form.  Online Tech Tips recently published a nice how-to on securing your Outlook database that deserves a [...]

    June 17th, 2008 at 10:01 am
Please post your comments/suggestions!