Clearing the Pagefile
If you encrypt confidential files on your computer, you should also set the Clear virtual memory pagefile security option.
March 28, 2005
What's the purpose of the Clear virtual memory pagefile security option? Why would hackers bother with scavenging a stolen computer's pagefile when they could simply access the actual files?
The Clear virtual memory pagefile setting is most useful if you're using the Encrypting File System (EFS) to protect files on the disk of a desktop or laptop. If you properly protect your confidential files with EFS, a thief can't access the files. However, while you're working on a confidential file (e.g., a Microsoft Word document), some of the application's memory might be paged out and some of the confidential file might end up in clear text in the pagefile. To save time, Windows typically doesn't clear the pagefile at shutdown because it's so large. Therefore, a thief might be able to scavenge bits and pieces or even an entire confidential file from the pagefile. If you enable this setting, Windows overwrites the bits of the pagefile prior to shutdown, making it much more difficult for an attacker to gain any information from the disk drive. If you enable the Clear virtual memory pagefile setting, you should also disable hibernation because the hibernation file also contains clear text information.
—Randy Franklin Smith
About the Author
You May Also Like