
Ask HN: What should I do after dropping off my laptop for repair? - mbroshi
I cracked the screen on my laptop and so dropped it off at a local shop for repair. I just realized I have now given someone full access to my unencrypted hard drive. When I get my laptop back what precautions should I take(e.g. update passwords, SSH keys, ...)? What should I do next time?
======
Nextgrid
Depends on how paranoid you are and how valuable the unprotected files are you
might want to take action _right now_.

Do you have any reasons to believe the repair shop will look into your files
and have the skill to be able to misuse the credentials or install malware on
the machine?

Do you believe the repair shop knows who you are and how valuable your
laptops's content is, or do you think they have the resources to go through
every single laptop that gets dropped off in hopes of finding something
valuable?

Do you believe someone else who might be after you and is willing to put
significant effort to break into or bribe the repair shop into giving them
your laptop knows where you dropped off your laptop and that it's unencrypted?

What is the worst that could happen should they get access to your
credentials? Do these credentials allow access to anything important that
could cause severe losses or harm to other people or businesses?

Can you easily rotate/temporarily disable those credentials?

\---

For next time consider full-disk encryption. Then your only risk becomes
bruteforce (easily mitigated with a high-entropy password) or them installing
malware to grab the password when you type it after they return it to you.

