Is my data safe in encrypted vault using keychain access?

Discussion in 'OS X Mountain Lion (10.8)' started by pjny, Feb 7, 2013.

  1. pjny macrumors 6502a

    Feb 18, 2010

    I'm using Agilebits KNOX encrypted vaults for some data. The vault automatically loads because it is linked to my keychain on 10.8.2. My question is:

    I don't have filevault 2 encryption so if the laptop is stolen and someone removes the hard drive and accesses the data on the drive(using enclosure) is there any way my data can be accessed in the vaults since keychain is et to remember the vault password?

  2. Ledgem macrumors 65816


    Jan 18, 2008
    Hawaii, USA
    If they can gain access to your account (and with it, your default keychain) then yes, they would be able to access the data. If they can only get the Knox volume off, then the data would be inaccessible to them unless they were able to crack the password (the feasibility of which depends on how strong your password is).

    In this case, a weak password on your account could negate having a strong password on your Knox volume. An exception to this could be if you have a separate Keychain with the Knox volume password in it. I don't have experience with multiple keychains, but I'm under the impression that each keychain can have a separate password (although I might be wrong). In this case, having a separate keychain with a separate password from your login would represent another layer of security - or at the very least, yet another password to crack. Create a few decoy keychains if you're truly paranoid to waste your assailant's time with more things to crack.
  3. pjny thread starter macrumors 6502a

    Feb 18, 2010

  4. Edie Brickell macrumors member

    Apr 22, 2010
    If you are using filevault 2 and has encrypt your drive with this application, there is no need to worry about your data theft as filevault 2 is much secure. This application generates a large password which is not possible to remember.
  5. itickings macrumors 6502a


    Apr 14, 2007
    ...which doesn't mean a thing if the account itself is only protected by a weak password.
  6. Edie Brickell macrumors member

    Apr 22, 2010
    You will need your login password or a recovery key to access your data. A recovery key generally generates a larger password which is not easy to remember. You have to copy this password or keep remembered in a safer place.

Share This Page