
Microsoft Keeps Backup of Your Encryption Key on its Server — Here's How to Delete it!!





Have you recently purchased a Windows computer?

Congratulations! Your new Windows computer has a built-in disk encryption feature that is turned on by default in order to protect your data in case your device is lost or stolen.

Moreover, in case you lose your encryption keys, don't worry: Microsoft has a copy of your Recovery Key.

But wait! If Microsoft already has your disk encryption keys, then what's the use of the disk encryption feature? Doesn't encryption mean only you can unlock your disk?

Microsoft Probably Holds your Encryption Keys


Since the launch of Windows 8.1, Microsoft has offered disk encryption as a built-in feature for Windows laptops, Windows phones and other devices.

However, there is a little-known fact, highlighted by The Intercept: if you have logged into Windows 10 using your Microsoft account, your system has automatically and secretly uploaded a copy of your recovery key to Microsoft's servers, and you can't prevent device encryption from sending your recovery key.

Note: Do not confuse device encryption with BitLocker. Both work the same way but have different configuration options. BitLocker offers users a choice of whether or not they want to back up their recovery keys on Windows server.


Why Should You Worry?

  • If a hacker hacks your Microsoft account, he can make a copy of your recovery key before you delete it (method described below).
  • Any rogue employee at Microsoft with access to user data can access your recovery key.
  • If Microsoft itself gets hacked, the hacker can get their hands on your recovery key.
  • Law enforcement or spy agencies could also request Microsoft to hand over your recovery key.


"Your computer is now only as secure as that database of keys held by Microsoft, which means it may be vulnerable to hackers, foreign governments, and people who can extort Microsoft employees," said Matthew Green, a cryptography professor at Johns Hopkins University.

How to Delete your Recovery Key from your Microsoft Account?


Although there's no way to prevent a new Windows computer from uploading the recovery key the very first time you log into your Microsoft account, you can delete the existing recovery key from your Microsoft account and generate a new one.

Follow these simple steps to remove your recovery key from your Microsoft account:

Step 1: Open this website and log in with your Microsoft Account

Step 2: You will find a list of recovery keys backed up to your Microsoft Account

Step 3: Take a backup of your recovery keys locally

Step 4: Go ahead and delete your recovery key from Microsoft Account.

Important Fact: Green also pointed out that even after deleting the recovery key from your Microsoft account, there is no guarantee that the key has been removed from the company's server.

Instant Solution: To solve this issue, Windows users are recommended to stop using their old encryption keys and generate a new one without sharing it with Microsoft.

How to Generate a New Encryption key (Without Sending a copy to Microsoft)?


Sorry, Windows Home Edition users: Windows Pro or Enterprise users can create a new key by decrypting the whole hard disk and then re-encrypting it, this time in such a way that you will actually be asked how you want to back up your recovery key.

Step 1: Go to Start, type "Bitlocker," and click "Manage BitLocker."

Step 2: Click "Turn off BitLocker" and it will decrypt your disk.

Step 3: Once done, click "Turn on BitLocker" again.
Step 4: Windows will then ask how you want to back up your recovery key. Make sure you DO NOT SELECT "Save to your Microsoft Account." That's it.
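
To confirm that the re-encrypted disk really uses a new recovery key, the following check (an added example, not part of the original article) lists each volume's recovery-password protectors and flags any whose ID matches a key that was stored in the Microsoft account. It assumes you noted the key ID, or its leading characters, of each listed key before deleting it; the IDs and the function name `Test-RecoveryKeyRotated` are constructed for illustration.

```powershell
# Run in an elevated PowerShell prompt after re-encryption has finished.
# Constructed sample IDs: replace with the key IDs you recorded from the
# Microsoft account page before deleting the keys (assumption: full ID or
# its leading characters).
$EscrowedKeyIds = @('11111111-2222-3333-4444-555555555555', 'AAAAAAAA')

function Test-RecoveryKeyRotated {
    param([string[]]$OldIds)

    # Normalise: strip braces/whitespace and upper-case so prefixes compare.
    $old = $OldIds |
        ForEach-Object { ($_ -replace '[{}\s]', '').ToUpperInvariant() } |
        Where-Object { $_ }

    foreach ($vol in Get-BitLockerVolume) {
        $recovery = @($vol.KeyProtector |
            Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' })

        if ($recovery.Count -eq 0) {
            # Volume is not encrypted or has no recovery password at all.
            [pscustomobject]@{
                MountPoint     = $vol.MountPoint
                VolumeStatus   = $vol.VolumeStatus
                Protection     = $vol.ProtectionStatus
                KeyProtectorId = $null
                Result         = 'NoRecoveryPassword'
            }
            continue
        }

        foreach ($kp in $recovery) {
            $id = ($kp.KeyProtectorId -replace '[{}\s]', '').ToUpperInvariant()
            $reused = $old | Where-Object { $id.StartsWith($_) }
            [pscustomobject]@{
                MountPoint     = $vol.MountPoint
                VolumeStatus   = $vol.VolumeStatus
                Protection     = $vol.ProtectionStatus
                KeyProtectorId = $id
                Result         = if ($reused) { 'OldUploadedKeyStillInUse' } else { 'NewKey' }
            }
        }
    }
}

Test-RecoveryKeyRotated -OldIds $EscrowedKeyIds | Format-Table -AutoSize
```

A volume reported as `OldUploadedKeyStillInUse` can still be unlocked with a recovery key that was uploaded; the script deliberately prints only protector IDs, never the recovery passwords themselves.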

Congratulations! 

Finally, the new Windows device you purchased specially for its disk encryption feature now has the feature enabled, and Microsoft can no longer unlock it.
