The Official Web site for the Office of Information Technology - UTSA

This document should be rendered in an HTML format with cascading style sheets and JavaScript turned on.

Office of Information Technology Home Page

Skip to Main Content

Skip to Navigation

Please take a few minutes to read our Accessibility Page which will make your visit through this Web site easier.

Copyright (c) 2010. The University of Texas at San Antonio. All rights reserved.

OIT Home > Projects > Laptop Encryption Program >SafeBoot and TrueCrypt Software

SafeBoot and TrueCrypt Software

The Office of Information Technology has choosen two software solutions to encrypt university laptops: SafeBoot and TrueCrypt.

The software solution that will be used to encrypt your laptop is based on the table below.

SafeBoot vs. TrueCrypt table

Task

SafeBoot

TrueCrypt

Primary Use

for single- and multi-user Windows XP laptops designated solely to the identified users.

for multi-user Windows XP laptops when the number of end users is many, e.g. greater than 20, or if the end user is unknown, e.g. when a laptop can be checked out by faculty/staff.

Password Handling

password held in escrow by OIT

user(s) responsible for remembering password

More information

SafeBoot

TrueCrypt

FAQ

SafeBoot (PDF)

TrueCrypt (PDF)

Forgot your laptop login password

SafeBoot procedure (PDF)

TrueCrypt procedure (PDF)

Changing your
network password?

SafeBoot password change procedure

TrueCrypt password change procedure

SafeBoot

About SafeBoot
SafeBoot is a McAfee software product. It is being used by the Office of Information Technology to encrypt (make information unreadable except to the password holder) Windows XP-based laptops that are assigned to designated users or a small group of designated users.  Only those users whose account is configured on a laptop with SafeBoot will be able to boot it up. One major difference between SafeBoot and TrueCrypt is that the Office of Information Technology holds the SafeBoot password key 'in escrow' - which allows us to provide the password to the laptop user if it has been forgotten. TrueCrypt users must remember their password.

SafeBoot on your UTSA Laptop
Encrypting a laptop can take several hours, depending on the size of the hard drive and on the system's performance. Once the laptop has been fully encrypted, the user should not see any degradation in performance. It is important to note that once a user logs in to an encrypted laptop, it should not be put into 'sleep' or 'hibernation' mode, as the laptop contents are accessible by anyone in possession of the laptop. If your university-owned laptop (encrypted or not) is lost or stolen, you should contact the UTSA Police Department (210) 458-4242 and the Office of Information Technology Information Security Office, (210) 458-5555.

Creating the Single Sign-On (SSO) Password

If you change your myUTSA ID (abc123) account password because it has expired - or when you change your myUTSA password for any reason - you will need to synchronize your myUTSA ID/password and your SafeBoot ID/password. (myUTSA passwords change every 180 days.)

  1. Change your myUTSA password at https://passphrase.utsa.edu
  2. At the SafeBoot login screen, type in your myUTSA ID and "old" (pre-change) password.
  3. Select Change Password
  4. Enter your new myUTSA password in the Password and in the Confirm Password boxes
  5. Login to the Windows environment using your myUTSA id (abc123) and password. 
  6. Reboot the laptop.  When you login at the SafeBoot login screen, your desktop environment should be loaded immediately without having to login at the Windows prompt, accomplishing your single sign-on.

Note: If you prefer, you can keep the same SafeBoot password (and not have it synchronized to your network password). After logging in at the SafeBoot screen, you will be prompted with the Windows login screen where you will need to input your myUTSA ID (abc123) and password.

Help/Support
For assistance with SafeBoot, please contact OITConnect, (210) 458-5555.

TrueCrypt

About TrueCrypt
TrueCrypt is an open-source software product. It is being used by the Office of Information Technology to encrypt (make information unreadable except to the password holder) Windows XP-based laptops that are assigned to a multiple users. One major difference between SafeBoot and TrueCrypt is that the TrueCrypt users must remember their laptop password. If the password is not known, the data on the system cannot be recovered.  OIT is using TrueCrypt in scenarios where many people share a laptop, especially when the end user may not be known.  For example, the laptop may be loaned out or checked out by someone outside of the Dept. 

TrueCrypt on your UTSA Laptop
Encrypting a laptop can take several hours, depending on the size of the hard drive and on the system's performance. Once the laptop has been fully encrypted, the user should not see any degradation in performance. It is important to note that once a user logs in to an encrypted laptop, it should not be put into 'sleep' or 'hibernation' mode, as the laptop contents are accessible by anyone in possession of the laptop. If your university-owned laptop (encrypted or not) is lost or stolen, you should contact the UTSA Police Department (210) 458-4242 and the Office of Information Technology Information Security Office, (210) 458-5555.

If you change your myUTSA (abc123) account password you DO NOT need to change your TrueCrypt password. OIT recommends that you do not change the TrueCrypt password. Contact OITConnect for more information.

Help/Support
For assistance with TrueCrypt, please contact OITConnect, (210) 458-5555.

 

Related Topics