Changing home folder encryption after changing user password

When I installed Ubuntu 15.04 I chose to encrypt the home folder.

Now I have changed the user password and I can still access the home folder. Does this mean that the home folder encryption key has also been changed or could someone access my home folder if they know my old password?


Solution 1:

It depends ...

When you change your login password with the command line, it updates you login password without updating the ecryptfs password. This is to prevent other users (well root really) from accessing your encrypted data by changing your password. If you change the password with this method, your old password can be used to decrypt the data.

When you change your login password with the graphical tools, it updates both your login password and the ecryptfs password. With this your data will be decrypted automatically when you log in and can not be accessed with the old password.

See http://bodhizazen.com/Tutorials/Ecryptfs#Password for additional information.

Solution 2:

If you want to use the same password/passphrase for both logging in and decrypting your home directory and want to change your passphase use the utility: 'ecryptfs-rewrap-passphrase'.

1) Change your passpharse:

ecryptfs-rewrap-passphrase /home/username/.ecryptfs/wrapped-passphrase
Old wrapping passphrase: 
New wrapping passphrase: 
New wrapping passphrase (again):

2) Change the user password/phrase to match for auto login and mounting

passwd <username>

Note: You will probably need to install 'ecryptfs-utils'

sudo apt-get install ecryptfs-utils