44 Comments

  1. One comment, one question:

    1) TrueCrypt doesn’t seem any more secure that WD hardware encryption, because the same thief who stole an encrypted WD drive and starts guessing passwords could do the same with a TrueCrypt protected drive. I agree that data recovery is more difficult though

    2) I own many WD drives, and today was really surprised when I took an unencrypted drive and enabled encryption. I expected to be prompted that all my data would be erased, but I wasn’t. Once I set a password, I unmounted the drive, and sure enough, in order to mount it again I needed the password… however the pre-existing data on the drive could not be encrypted since I wrote it all when the drive had no encryption set. So what does this mean? That each time I write data in the future onto the drive, that data is encrypted, but the prior data is not? If someone removed the drive from its enclosure and put it into another enclosure couldn’t they defeat the password lock and read all my data; since it was originally written onto the drive unencrypted?

    1. You were surprised because the encryption depends on a random set of 32 bytes created at initialization. These 32 bytes are protected behind a default “key” which is the empty key. So the drive is always encrypted. When you change the password, the only thing that is re-encrypted is the random 32 bytes. Depending on the hardware you use, this encrypted data may or may not be stored on the drive (some enclosures have a flash that stores the data… this can REALLY screw you as the OP stated. You need to get the key back out of the flash and put it into a new one in order to decrypt the drive again). However, the My Passport series of drives stores the key material on the drive itself. So if the enclosure goes bad, using another enclosure should be an option.

  2. I just wish I found this page before buying a WD 3 TD earlier this week. All the data I “moved” to it is now held hostage. Good info, thanks for sharing!!!

  3. my book western digital fails | Blog about Books
  4. is there no other way round the hardware encription i just have my hard drive with out the external case ing documents extreamely important

    1. Not really. WD did things right. Unless of course you don’t have a My Book, but have a My Passport. The OP is right in the sense that something like Truecrypt puts all of the security in your hands. If anything happens, you can move your data and still recover it with your password. You are basically left guessing the key (not your password).

  5. What if the the tech botches the repair on the drive? I had a tech resolder the usb and aside the drive powering up, thats it. I noticed on ebay there are some usb cards with the same serial #. Could I order one of those to recover the data off the drive?

  6. i tried another board and still the data is encrypted! when I go into disk storage, i am prompted to either initialize the mbr or the guid. What to do?

    1. Author

      Mike, not sure why it won’t decrypt in the new enclosure. Hopefully someone else with give some more details.

      The only thing I can think to do is to test with a blank drive. Install it in the old enclosure and format/copy a few files over. Then move it to the new enclosure and see if the files are accessible. That way, you validate the recovery process. If it works, it could be that the drive has started to fail and the encryption key isn’t accessible.

      1. Hi Carlton,

        If I have never set a password or encryption on the 3tb drive, will the data on it still need decryption when the bare drive is connected to a computer? I need the data off a drive and am wondering if I need to buy another 3tb drive to exchange the drives or get the circuit board from the new one.

        1. Author

          EM: Unfortunately, the drive is probably encrypted even if you didn’t set a password. You can attach it to a computer to confirm, but all of the newer Western Digital enclosures appear to encrypt the drives automatically with an internal chip. You will most likely need to put the drive into an identical Western Digital enclosure to recover the data.

      2. A new control board is not enough. Not only does the board S/N have to match right down to the Rev block, but then you have to switch the u2 chip from the patient to the new donor, because the chip and HDD are paired to each other; that’s where the key to accessing the drive resides.

  7. I unfortunately don’t have any spare sata drives to test your proposal out. I received a replacement card via ebay which had the same results as the original card. Prior to this happening, I was able to get all the sentimental data off the drive, so all that remained was files for streaming to the consoles.
    lesson learned – do not buy name branded external storage units! Just build your own.

  8. I have WD My Book Elite 1 Tb and I forget my password now what should I do?I have very important data in.I dont want to loose and I dont want to pay too much to recover this data.Is there any suggestion? Thanks.

    PS: I have bill of the product that I bought this:)

  9. Just found this article, and it has a lot of usefull information. However, I would like to add that WD hardware encryption issues has been one of the most reoccurring problems in data recovery industry. When drive does not mount? how does one about go about recovery with software? Mainly drives do not mount either due to bad sectors or firmware corruption, so how do we address these issues on 2.5″ encrypted drives with with proprietary usb 2.0 or 3.0? We found a solution for that and it involves converting these USB drives into SATA by using SATA boards that have identical CPU. Converted drive can either be imaged or fixed if firmware needs to be manipulated. Decryption part can be done by using 3.5″ usb bridge adapter. I hope that this addition post will help someone to get their data back.

    Ramzes

  10. My My Book crashed 2 months ago. My computer does not even detect the drive or if it does it only shows empty folders.
    I tried buying another one to replace the usb board and still no luck. When I tried to put together the replaced device now it wont detect it and what is even worse i dont hear the motor of the drive.
    I see the LED light flashing every now and then. Is this what you guys call the hardware encription and therefore not allowing me to see the contents?

    Sounds like i have to send the HD to the recovery center and have to fork out the $1K+ for get my family pictures back.

    Anyone interested in buying 2 broken drives for experiment/repair? cheap! :oP

    1. Author

      Daniel, I don’t think it’s encryption-related if you switched USB control boards and don’t hear the drive motor. It sounds like a drive motor failure. Data recovery service is probably your best bet…

  11. Hi, I am just enquiring about my “Western Digital” My Book Essential 1TB external harddrive.
    I am unable to view any of the data on the device. Under computer management it says “unallocated” with 931.50GB data
    and in device manager it appears when i plug the device into my PC via USB. Its spinning fine and
    sounds OK and there is no burning smell.

    Any suggestions ??????

    – PCB Board?
    – Controller Board?
    – Windows 7 OS?
    – Could it be because the Controller Board is Encrypted to 1 PC Only??

    1. also to add. it stopped working when i bought my windows 7 PC. previous pc was vista..

      Hmmm i reinstalled usb drivers.

      Maybe i should try Ramzes comment?

    2. Author

      Natalie, I think the partition on your hard drive was accidentally erased due to an improper dismount/disconnect. You should try the partition recovery software listed in the post.

  12. Major problem with these drives is also the fact that when integrated sata drive (usually low quality like wd green) starts developing bad sectors, the usb bridge doesn’t handle it well. It simply freezes. So you can not get good data because the drive freezes after trying to access data on bad sector area. I can confirm that you can remove the drive from usb/encryption bridge, connect it directly to sata on mainboard (it handles bad sectors much easier), sector clone it to a new/good drives using a tool like ddrescue, connect the new drive back to usb/encryption bridge and your data is accessible. You will loose the bad sector data but you could at least access all other data/disk area. Well, if your file system metadata hasn’t been on bad sectors areas. If, then you should use some recovery programs afterwards.

  13. Hey Carlton Greet info! I didn’t know about the encryption and quick formatted my drive in a generic enclosure! The USB connector broke. Is it possible that if i fix the USB, that my data will work normal, since I formatted it in a generic enclosure without it going through the encryption chip??

    1. Author

      Josh, you should be fine with the generic enclosure. You could attach it to any grneric usb enclosure or sata cable and recover the data. Just not to an original Western Digital enclosure. Good luck!

      1. Hey, thanks for responding so fast! I tried that Carlton, but It shows as unallocated space in the generic, because of the default encryption. So because of that I quick formatted, to get a drive letter. I have not used it since.

        I want to know now that if I fix the broken USB, can I retrieve my data, even though I quick formatted (outside) of the encryption chip on the hardware?

        Ive read that to format a WD encrypted drive, you have to go through the original hardware chip. Thats what I am hoping.

  14. Hello there Carlton

    Nice help spot you have here, very useful and in some cases, life saving!

    After reading all of the other users comments, I have one problem of my own, maybe I´m missing something here,

    This also involves a Western Digital My Book Essential (2 TB).
    At the time the problem was solved but this is just to make you acquainted with the situation…

    My HDD stopped all of a sudden. Something told me it was not a problem with the drive itself. For me, the closure was not receiving any electricity. Did my research. The problem was with the controller board, which is also the one to blame for encryption I assumed. Ordered a new one, the HDD works like a charm.

    But I want to get rid of the encryption nonsense. So… after moving my data to a safe place, can I format this 2 TB Western Digital My Book Essential to a generic casing, generic everything! So I can use it as a standard HDD and use it in a external casing? If possible, should I just use the normal Disk Management Tool from Windows?

    Please advise!

    Thanks in advance, best regards!

    1. Author

      Yes, just put the drive in a generic enclosure and reformat it. It will erase everything and start with a new, unencrypted volume.

      1. Thank you for the support Carlton, will try it! Cheers

        1. One thing should be made clearer, I think, when converting a HW encrypted drive to a standard one in a generic enclosure.

          As was mentioned in a comment here, a “Quick Erase” didn’t seem to work – resulting in a small drive. This is because a “Quick Erase” only erases the data found within the confines of the existing data structures of the drive – like a massive “delete everything everywhere” operation.

          However, with most hardware level encryption systems, everything – including the low level partition and disk structures – is scrambled. So a “Quick Erase” might be dumbfounded with the encryption drive. Perhaps WD encrypted drives provide a small fully non-encrypted volume for their “Virtual CD” volume. That would explain why one user’s Quick Erase produces a very small volume. That is, the Quick Erase may have only worked upon the only visible volume – the VCD one.

          Here’s my general work flow for how I’d convert a HW encrypted drive to a completely standard, non-encrypted one:

          1) Backup any data already on the encrypted drive to another device.
          2) Remove the drive from the WD enclosure
          3) Mount drive in a generic USB 3 (or other desired connector) enclosure
          4) Delete whatever partitions your favorite partition manager sees
          5) If your PM has the function (doubtful), do a low level format*
          7) Allocate the formatted space into 1 or more partitions, as desired
          8) Reformat and Initialize the partition(s) to the desired type, Mac, Win, etc.
          9) You should now have the entire drive’s space generically available

          * A “low level format” is a very special hardware level format that works at the extreme lowest level of a drive. It lays down the binary tracks of the media which are then used by higher level functions like partition managers and regular format operations. Such a format is sometimes available as a function within the BIOS of the drive which you control with a special program that accesses the drive’s BIOS functions. It also takes a VERY LONG TIME – like many hours or a day for large drives. Assuming the drives used in WD HW encrypted drives have the same structure as regular drives, they probably have such a low level format routine in their BIOS. If you can find the software, it would not be unwise to use to truly ensure the drive is completely reformatted at the very lowest level. But chances are it probably does not need such an intensive operation.

  15. Damn! Carlton, I am completely choked with WD. I went through a similar diagnostic just now with a 2 TB MyBook Essential on a Yosemite iMac. The drive just stopped ‘existing’. I pulled the drive into a generic enclosure, and although the drive mounted, it could not be read. The drive was running but showed as empty with zero data. A Deep Scan with Data Rescue 3 found nothing but various forms of .Gzip archives. The .gzips could not be opened and only generated further compressed files. I suspected, thanks to your clues here and elsewhere, the real problem was a MyBook controller failure. Luckily, I have an identical MyBook drive. I just put the known good controller on the ‘dead’ drive, and BOOM. Normal mount, all data is there.

    So. WD has created the equivalent of a ‘terminator’ drive. The controller craps out, and the data is auto-encrypted without my knowledge, and cannot be ‘seen’ by anything but a WD controller. What B.S. I’m going to get my data off here ASAP and never use WD drives again!

    1. I have the same disk, same problem but without the second controller, unfortunately.
      trying to find a used one on ebay.
      is it possible that nobody figured out a way to decrypt it?
      the encription seems trivial, looking in the MBR, where zeroes are supposed to be there is a repetitive list of binary data, same pattern.
      I tried to xor it but without success

      1. Author

        I haven’t seen any details of breaking the encryption. I wouldn’t be surprised if it were extremely simple to break. As I see it, the primary purpose of the encryption is not security but rather keeping external drives from being easily converted to internal drives – protecting those two separate pricing structures.

        1. Carlton, of course, we find all this good pertinent information, after the fact and hours of research, but thank you for all the great info. I am at the point, where I extracted a 4TB Mybook, from the enclosure and jumped through many hoops, trying to get it to be recognized. After trying this and that, I was loosing confidence that I would ever see my data again. It wasn’t until I reattached the bridge card outside of the housing, that I could see all was well. Just confused on one point, if, after getting my data off, I reformat the drive attached via SATA as now an internal drive, would that rid the drive of the need for the USB to SATA bridge?

          1. Author

            Yes, you should be able to reformat the drive and use it normally after attaching it directly to an SATA cable.

  16. Hi Carlton, how do i know if I have enabled the hardware encryption ? I have used a WD Mybook Essential 3TB since 2014 without installing any of the WD softwares which came along and likewise dont remember setting up any encryption using the provided softwares. Does it mean that it is encryption free ? I connected my laptop power supply to the ext.hdd and damaged the board.

  17. Good morning Carlton! Great blog going on here. I made the mistake of purchasing a 1Tb My Book which worked great for 15 months. Then, apparently the encryption board went out. I tried buying a new drive to switch the encryption boards and could not find the same serial number. So, no data recovery. Since I had the new drive I went ahead and used it to store the contents of my HD which included all my family pics for the past 30 years. Big mistake. Second drive failed in 13 months. By this time I had purchased a 3 Tb drive to expand my storage area, but since I have been burned by 2 My Books I want to just reformat the 3 Tb drive and use it without the encryption board. However, anytime that I try to format the drive I’m told by the computer that there is no media on that drive. I have tried to use computer management to edit the register for that drive from 0 to 2, as I had read in a post somewhere, but that didn’t help. Any suggestions on how to reformat the encrypted drive without the encryption board being installed?
    Thanks,
    Rick

  18. Hi Carlton! Thanks for going explaining WD’s hardware encryption.

    I have a question regarding the WD MyBook external drive enclosure.

    Is is possible to use other drives with the MyBook controller broad?

    I have tried swapping drives, but the new drive doesn’t turn up in Windows and WD drive utilities shows the drive as “My Book 0 bytes”??

    Thanks,
    Tom

    1. Author

      To my knowledge, using third-party drives is not possible. I definitely would not recommend it due to the encryption problems. As cheap as generic external enclosures are, I recommend using them instead.

  19. I have a similar problem, with two (1TB&2TB)My Book Essential drives. I am fed up of this PCB failure,only less than 6 months service. I now want to just have the drives docked into dock stations.But cannot access them. Computer Manager indicates the drive as unallocated. Is there some software to format wholly the hardware encrypted drive, I don’t mind losing the data.Can the jumper setting also aid in resetting just like we would reset the bios by adjusting the jumper settings in computer motherboard.

  20. Hardware encryption on the WD MyBook is *NOT* optional. I had the 2TB one nearly full when the USB bridge failed. I had never once willingly encrypted the drive. I did not set a password or key. I plugged the drive into my computer when I received it and began storing data. That’s it. Despite this, the drive was encrypted and unreadable in any other machine/enclosure. For this reason I have never and will never purchase a WD external drive again.

  21. From article: “If you encrypt your drive, data recovery is even more difficult, so I strongly recommend using an online backup service.”

    Keep in mind that IF you use an online backup service, your data can be accessed WITHOUT a search warrant. All that is needed is a National Security Letter (NSL), which can be issued by a mid-level government employee and does NOT require approval by any other party; no judge, no oversight, no upper management. The NSL can also require the online service keep secret that the demand for your information was made.

    Search on National Security Letter for more information…there are a number of sources of solid information.

    1. Author

      So obviously, you should encrypt your online backup with your own encryption key that is not accessible by your online backup provider. Most online backup providers support this. This should be done regardless, in case of a cybersecurity breach at the provider.

  22. Any encryption can be unlocked and decrypted with modern software and tools. It take 20-30 days maximum.
    Forensic software works very well! Even password lost.

Leave a Reply

Your email address will not be published. Required fields are marked *