Forensic Implications of BitLocker-by-Default in Windows 11 24H2
May 8th, 2025 by Oleg Afonin
The Windows 11 24H2 update introduced a change in Microsoft’s approach to disk encryption, a shift that will have long lasting implications on digital forensics. In this release, BitLocker encryption is automatically enabled on most modern hardware when installing Windows when a Microsoft Account (MSA) is used during setup. Encryption starts seamlessly and silently in the background, covering even Home editions and consumer devices such as desktop computers that historically escaped full-disk encryption defaults.
Mobile password keepers don’t keep the word
March 16th, 2012 by Olga Koksharova
We’ve analyzed 17 popular password management apps available for Apple iOS and BlackBerry platforms, including free and commercially available tools, and discovered that no single password keeper app provides a claimed level of protection. None of the password keepers except one are utilizing iOS or BlackBerry existing security model, relying on their own implementation of data encryption. ElcomSoft research shows that those implementations fail to provide an adequate level of protection, allowing an attacker to recover encrypted information in less than a day if user-selectable Master Password is 10 to 14 digits long.
Updated iOS Forensic Toolkit Ready for iOS 5.1, Tries Top 100 Common Passcodes First
March 12th, 2012 by Olga Koksharova
Today, we released an updated version of iOS Forensic Toolkit. It’s not as much of an update to make big news shout, but the number of improvements here and there warrants a blog post, and is definitely worth upgrading to if you’re dealing with multiple iPhones on a daily basis.
Breaking Wi-Fi Passwords: Exploiting the Human Factor
March 8th, 2012 by Olga Koksharova
Attacking Wi-Fi passwords is near hopeless if a wireless hotspot is properly secured. Today’s wireless security algorithms such as WPA are using cryptographically sound encryption with long passwords. The standard enforces the use of passwords that are at least 8 characters long. Encryption used to protect wireless communications is tough and very slow to break. Brute-forcing WPA/WPA2 PSK passwords remains a hopeless enterprise even if a horde of GPU’s is employed. Which is, in general, good for security – but may as well inspire a false sense of security if a weak, easy to guess password is selected.
ElcomSoft Discovers Most of Its Customers Want Stricter Security Policies but Won’t Bother Changing Default Passwords
February 22nd, 2012 by Olga Koksharova
We runned yet another Password Usage Bahaviour survey on our Web site and gthered statistically significant data, reflected in the following charts. And the main conclusion was that most people working with sensitive information want stricter security policies but rarely bother changing default passwords.
Newer iOS Forensic Toolkit Acquires iPhones in 20 Minutes, Including iOS 5
November 1st, 2011 by Olga Koksharova
iOS 5 Support
EPPB: Now Recovering BlackBerry Device Passwords
September 29th, 2011 by Andrey Belenko
Less than a month ago, we updated our Elcomsoft Phone Password Breaker tool with the ability to recover master passwords for BlackBerry Password Keeper and BlackBerry Wallet. I have blogged about that and promised the “next big thing” for BlackBerry forensics to be coming soon. The day arrived.
New version of EPPB: Recovering Master Passwords for BlackBerry Password Keeper and BlackBerry Wallet
August 30th, 2011 by Andrey Belenko
Conferences are good. When attending Mobile Forensics Conference this year (and demoing our iOS Forensic Toolkit), we received a lot of requests for tools aimed at BlackBerry forensics. Sorry guys, we can’t offer the solution for physical acquisition of BlackBerries (yet), but there is something new we can offer right now.
