5
The only good advice I have seen so far was to decrypt system drive, then migrate using Acronis or whatnot, then encrypt it back.
This advice works, except with SSD you could have as well just left your drive unencrypted. Especially, if you have pagefile on system drive, and you probably do, since it is the only way to ensure hibernation works, you have portions of the system memory on your drive, which contains encryption keys, passwords, and all other good stuff. And with SSD, there is no conceivable way to guarantee that it is overwritten.
I am not even saying about the rest of drive contents, which is probably also lurking out there unsecured.
So, the question is: what you do? Have anybody here successfully completed a secure migration of encrypted system drive?
EDIT: This question is about migrating encrypted operating system from drive A to drive B without producing unencrypted copy on either physical drive.
I'd seriously follow the advice. It's best practice. I'd also consider disabling hibernation, but that's another discussion altogether. – None – 2012-04-15T19:49:24.147
the pagefile and the hibernation file are two separate things on windows. – nc4pk – 2012-04-15T19:54:02.523
@Randolph West: so, you understand the reason why I am not doing it, and you still recommend me to? I am just trying to see a logic here. – galets – 2012-04-15T20:14:44.190
I'm sorry, I don't understand what you mean. If you want to migrate an encrypted Windows partition to a new drive, best practice is to unencrypt it, then clone it, then re-encrypt it again. That is what you asked, and I answered that it was the best way to do it. Whether you encrypt the data on the other side is secondary, and really has no bearing on your question, because it becomes redundant if you think encryption won't actually secure all the contents of the drive. In that case, you still have to unencrypt it. Asked and answered. – None – 2012-04-17T00:35:40.710