2

Possible Duplicate:
Tips for locating my stolen computer

My laptop was recently stolen.

It was a corporate system running XP, which means it was part of a domain - I'm assuming that makes it impossible for someone to log into it, although I know there are ways to reset the local admin account. Is there any way to tell if someone boots it up?

I was logged into gmail, using two factor authentication. I will change my password, but is there any chance of tracking any attempted accesses?

Other than changing passwords on all my web accounts, is there anything else I need to do?

Improve this question
4
  • @BonGart: I suggest that it's not the same. I'm not really trying to locate the stolen machine, but I'm interested if there are any inadvertent ways that I might be able to see if anyone has used it. Plus, the main goal is to find out what I need to do to ensure none of my web-based information is exposed.
    – chris
    Commented Jun 4, 2012 at 17:01
  • Indirectly, you can see if someone used it to get access to any information you left on the laptop by seeing activity on any accounts that you might have left access to on that laptop. It's not like you can log into your Gmail, and see your gmail account open in the chat as if it was a different person you could talk to. The only way to see if someone boots it up, is to have software running on it that would broadcast the the fact that it is up AND have yourself set up to monitor that... tracking software, or an IM client where you had a second account as a friend on the first, etc.
    – Bon Gart
    Commented Jun 4, 2012 at 17:07
  • 1
    But the answer is still the same. The only way you could know if the laptop was being used, is to have been prepped beforehand somehow, which really translates to having tracking software previously installed (or some jury rigged version set up beforehand)... which makes the answer to that duplicate still pretty much the same answer you are looking at.
    – Bon Gart
    Commented Jun 4, 2012 at 17:08
  • 1
    Were there any personal data on it? If for example, you had logged into banking sites with it and chose to save your login, then you will want to immediately call your bank and ask for advice as well as change your pin, etc. You may also want to change the password on any other sites that you had logged into and selected the remember me options (in fact, all of your login cookies should be presumed to be compromised).
    – Synetech
    Commented Jun 4, 2012 at 18:19

2 Answers 2

Reset to default
1

Report the theft to your IT department with an urgent priority. In the event the thiefs do break into your account they may gain access to network resources. In any case if you report it and some data is compromised then you've done everything you can and you can't (at least shouldn't) be held responsible.

Improve this answer
1

If your laptop was stolen, you have to make the assumption that everything has been compromised. On any OS, if a technical person physically has the machine, they have the capability to read the hard drive. Most likely, they will simply erase the hard drive, but you need to assume the worst.

The best way to prevent this is to use whole disk encryption programs such as TrueCrypt, BitLocker, PGP, etc. If the laptop is stolen and the disk is encrypted, then you can rest assured that no one can get the data.

Change all your domain password and website passwords. This is made easier with password programs like KeePass. If you use these password programs, you then have a complete list of everything you have a password for and will then know what to change. People often dont know how many passwords they actually use.

You might have had saving passwords off in your browser, but you might be surprised how easy it is to get past them. Often websites will offer to mail you a new password on reset, which isnt any good if someone has access to your mail. Another problem is websites will ask you a series of questions to reset your password. Many times automatic form completion can fill that info in.

I said it before and I will say it again, get disk encryption. Many are free. If a machine leaves a secure environment, you need to assume it will get stolen.

As for tracking attempts, thats a different story. Your IT department should be able to track attempts to log into a VPN or internal websites. However, everything else is unlikely.

Improve this answer

Not the answer you're looking for? Browse other questions tagged .