two WD Passport drives prompting for passwords ONLY on Win 10

E

ell

Well-Known Member
Reaction score
437
Hi, I have a client who never put on password on their 2 Passports, (in old win 7 pc confirms there is no passwords set and files easily accessible) and now with a new win 10 laptop they are being prompted for one, ofcourse the only way to unlock it is to format, but they want the data, any other options at all? The win 7 has a failing hard drive so don't won't to mess with it more than I have to.
 
Last edited:
If you format it, it will be 100% impossible to recover the data, as you will destroy the encryption key. Yes, the data is encrypted.

Either reconnect the drive back to the other system with the hopes the password is remembered or hope that they can remember with the password suggestion. There is a very small chance that no password set and that it is prompting because of a drive issue.
 
lcoughey said:
If you format it, it will be 100% impossible to recover the data, as you will destroy the encryption key. Yes, the data is encrypted.

Either reconnect the drive back to the other system with the hopes the password is remembered or hope that they can remember with the password suggestion. There is a very small chance that no password set and that it is prompting because of a drive issue.
Click to expand...
You pretty much confirmed my suspicions, OMG I still have her old dell in my recycle pile, maybe I'll get lucky here, hopefully I can clear the password without knowing it, or at least copy the data to one of my drives, format it and copy it back. thanks!
 
Last edited:
ell said:
maybe I'll get lucky here, hopefully I can clear the password without knowing it, or at least copy the data to one of my drives, format it and copy it back. thanks!
Click to expand...

Nope, and nope. Unless you think you can guess the password you're not going to succeed here. You can't copy the data from these until you put in the password. The USB bridge chip built onto the PCB will block LBA access until the DEK (disk encryption key) is confirmed as decrypted using the KEK (Key encryption key) password.

Best option is to just call the customer and pick their brain to see if they did set a password and just forgot it. If they are absolutely 100% certain that they never set a password, then it might be a glitch with the drive. Certain models did have a known glitch where they would do this. I've also seen at least one case where the sector storing the DEK had gone bad. Fortunately there's usually a backup of the key in the firmware which can be extracted by a data recovery company using PC-3000.

Doing the old format using WD Smartware will actually change the DEK and make recovery 100% impossible in most cases. Data recovery software will find nothing.
 
From what I remember just using the drive out of the box does not generate a password setup procedure. It does provide a software setup option which may do something. I've used several of these on all 3 platforms without issues. Over the years I've read that the encryption is done at the disk PCB level. A couple of links below discuss this. I'd try to resurrect the old machine.

https://www.computing.net/answers/h...orgotten-wd-hdd-smartware-password/83488.html

https://security.stackexchange.com/questions/44730/how-secure-is-wd-mypassport-lock
 
Markverhyden said:
From what I remember just using the drive out of the box does not generate a password setup procedure. It does provide a software setup option which may do something. I've used several of these on all 3 platforms without issues. Over the years I've read that the encryption is done at the disk PCB level. A couple of links below discuss this. I'd try to resurrect the old machine.

https://www.computing.net/answers/h...orgotten-wd-hdd-smartware-password/83488.html

https://security.stackexchange.com/questions/44730/how-secure-is-wd-mypassport-lock
Click to expand...
It still boots, limping hd. She said in the email that the drive just opened in the old pc with no password, but we know how "what they say" goes.
 
Since the only change is a new computer, it makes me think the old computer may have been saving the password. Not sure if Apple's Keychain or Window's equivalent can "remember" this password. If so, maybe you could find it somewhere (like in the Keychain).

If not possible (and this isn't a bug as @DataMedics mentioned), it still may be possible for a data recovery company (or anyone with a PC-3000) to decrypt/recover the data. But, it depends on the exact model WD drive.

Read more here: http://forum.acelaboratory.com/viewtopic.php?t=8508.

This is the most important part:

There are two generations of WD encrypted drives:

1st generation - WD drives with USB encryption bridge (based on encryption controller chips like Initio, Symwave, JMicron)
2nd generation - WD drives with encryption inside the Main IC chip (SED - Self-Encrypting Drives).

At the same time, WD drives have a SmartWare utility that can set the user password. In other words, there are two methods of encryption:

1) Using encryption key (by default).
2) Using encryption key + user password (optionally).

For the 1st generation drives:
=====================
If a WD drive is based on the encryption bridge Symway, the PC-3000 will get access to the user data, no matter if the user password is set or not.
If a WD drive is based on encryption bridges Initio or JMicron and the user password is set, the PC-3000 will require to enter the user password (user password is needed).

For the 2nd generation drives:
=====================
All the Self-Encryption Drives from the 2nd generation can be successfully decrypted by the PC-3000 no matter whether the user password is set or not.

The PC-3000 software automatically detects the generation of a WD drive and encryption method.
The encryption will be done automatically if a WD drive is based on Symwave (the 1st generation) or if a WD drive belongs to the 2nd generation (user password doesn't play any role in the 2nd generation).
Click to expand...
 
I've yet to encounter a passport drive with a password where PC3K decrypts without needing a password. Perhaps I'm just bypassing it without even knowing one was set. I'd certainly be happy if to try, if you want to send it my way. If recoverable, the cost would be $350 CAD less your 20% ($280 CAD or ~$210 USD) plus return shipping. Or, if you want to stay inside the US and my math is correct, about $500 USD with 300DDR.
 
Ok now I'm stumped, she brought over 2 passports, both with the same data, both totally accessable from her old win 7 machine. I plug them into my win10 and prompted for a password. The message from win 7 wd utilities is the drives are NOT locked,(first jpeg) win 10 shows the drive as unallocated in disk management, also permissions are set for "everyone" full access, so what now? See jpegswin7.jpg win10.jpg win102.jpg
 
Last edited:
lcoughey said:
That is definitely weird. If they mount on the windows 7 system why not backup the data from there?
Click to expand...
Crap, I was counting on you for an answer, I could do that but the thing has a crashing hd, I'm afraid it will bite the dust. I don't even want to risk imaging it incase it won't read them again. I have tried win8, and win7 in vmware, no go. I will cross my fingers I can keep the thing going and copy the data to one of my drives.
 
lcoughey said:
If their original system drive has failed, try to clone it and boot from the clone.
Click to expand...
there has to be a reason, two drives with the same issue, so weird, has to be something from the win 7 machine that tangled the drives permissions even though they are set for everyone access or maybe something with drive letter assignment??
 
I successfully copied all 490 gb to one of my drives from the old pc, overnight, probably going to format then copy back over after I confirm with the client. I did a little more digging after and found launching wd security gave the same password prompt and hint on the old machine, so no doubt there are passwords on them, tied somehow to the old machine which is why its only accessible there, weird.
 
Porthos said:
If I remember correctly if you have the drive in the machine that unlocks it you can clear the password.
Click to expand...
thats what I was thinking, but when I open wd security it asks for a password before you can change anything.
 
You must log in or register to reply here.

Similar threads

TechLady
Resetting system password on Win 10
2 3
Replies
41
Views
10K
Porthos
Porthos
Larry Sabo
Windows 10 activation fails after motherboard change
2
Replies
35
Views
7K
mikeroq
mikeroq
J
Installing 2 different hard drives with different OS's & 3rd HDD for storage?
2
Replies
20
Views
2K
J.M.
J
HCHTech
OneDrive for business sync issues
Replies
5
Views
4K
frostbyte5014
frostbyte5014
tankman1989
Problem mapping drives to/on Server 2008 machine
Replies
7
Views
1K
YeOldeStonecat
YeOldeStonecat
Back
Top