s*****m
发帖数: 13092 | 1 http://arstechnica.com/information-technology/2013/10/windows-8
Windows 8.1’s new device encryption treats your x86-based Windows tablet or
laptop more like an ARM-based tablet or smartphone. Rather than requiring a
user or system administrator to enable it, your device’s boot partition
comes encrypted out of the box. This encryption is essentially invisible
during normal use—you pick up the tablet, log in, and use it just as you
would an unencrypted PC. If someone were to steal the device from you,
though, they wouldn’t be able to get at any of your information without
your account password or your encryption key, which in this case is
protected by your account password.
When you first fire up Windows 8.1 on a PC that supports the feature, head
to the “PC Info” section in the device settings screen to check your
encryption status. Computers with the necessary hardware features begin
encrypting the drive immediately, but the master key needed to decrypt the
drive isn’t protected. A user with administrator access will have to log in
with a Microsoft account, at which point the device will generate a
recovery key and upload it to Microsoft’s servers. This recovery key can
then be accessed from another computer with your Microsoft account if you’
re ever locked out of your system. Active Directory user accounts can also
be used to store the key, provided your domain administrator has enabled the
proper Group Policy settings. |
|
