There are risks associated with the use of computer hibernation. One risk is associated with sensitive information that may be present in the system’s paging file (pagefile.sys) such as passwords or the plaintext version of encrypted files. If an intruder is able to steal a computer in hibernation, he or she may be able to access the hard drive, including the entire contents of the paging file and hibernation file.
I should clarify this – even a system that is shut down is at risk: the paging file is still there and may have sensitive data on it.
One effective way to reduce this risk is to erase the paging file when shutting down the computer (note that I said shutting down and not hibernating). You can activate this policy (which also zeros out the hibernation file at shutdown if hibernation is disabled) by following the procedure in this procedure (Windows XP only):
Control Panel > Administrative Tools > Local Security Policy > Local Policies > Security Options > Shutdown: Clear virtual memory pagefile. Set this to Enabled.
Pingback: Reduce risks associated with computer hibernation « Securitas Operandi™