Hi ! Please I need tour help. I travel for 35 years now and felt
safe but it finally happened : They stole my laptop yesterday. My windows account has a password but I assume hackers can get to it easily ? What can I do to avoid my joplin data being accessed ? I just asked Dropbox to disconnect and wipe my data when the laptop connects, but will it include the Joplin directory ? Thanks ! Warmest greetings from France, Dimitri
This depends on whether the data was encrypted or not. Nowadays, many new Windows devices come with BitLocker turned on by default. In that case, there is no way to access or recover your data without the user account password. However, if it was not encrypted, then resetting just the Windows password and accessing the data this way is trivial.
I don't think this will actually delete your Joplin data from the device. The reason is that Joplin syncs with Dropbox communicating with the API directly, meaning that the Dropbox files themselves don't need to be present on the disk.
I think your only try may be to use another device to make a local Joplin backup first, then delete all notes locally, then use the "Re-upload local data to sync target" button in the Joplin desktop application to overwrite the remote state with empty one. In this situation, once Joplin on the stolen laptop connects to the network and tries to perform sync, it should delete all local notes. You also must not use the same Dropbox account to sync new notes after doing so.
Please keep in mind though that there are ways to restore both deleted notes inside Joplin, and also just deleted files from the disk, so in sum, unless the device was encrypted, I'd say that you can safely assume that the people who have stolen the laptop will indeed have access to all your notes and there is nothing that can be done to prevent them from doing so if they really want to.
No problem . I'm sorry the answer was in a rather hopeless mood. If you buy a new computer, I'd strongly advise you to perform full disk encryption first. I personally recommend the built-in BitLocker on Windows, however if it's a Home version with no BitLocker available, then you may also use the open source https://veracrypt.fr/code/VeraCrypt to do it. It does have significant performance impact in comparison to BitLocker but the encryption itself is proven secure.
Someone can reset the Windows password without having to take any steps to confirm the person is the authorized user who happened to lose their password? And once reset, the entire system is exactly as it was prior to the password reset?
Not sure about resetting the Windows password, but if the drive is not encrypted you can simply read it by running Linux for instance from a bootable external drive.
Yes, that's exactly the case. The only way to prevent this from happening is to use full disk encryption. For the record, this is likely true for any operating system, not just Windows.
Just to be clear, the reset is done outside of the OS, either by manually editing the files or using 3rd party tools, etc. Full disk encryption prevents access to the filesystem, hence you can't reset the password like that.
. I'm sorry the answer was in a rather hopeless mood. If you buy a new computer, I'd strongly advise you to perform full disk encryption first. I personally recommend the built-in BitLocker on Windows, however if it's a Home version with no BitLocker available, then you may also use the open source