In part one we discussed the importance that data from password managers could play in an investigation. In part two we then looked at what aspects an investigation may include from a digital forensics perspective. We now discuss some of the potential issues that can arise in such investigations and some areas where early consideration may help ease or avoid these issues.
In the UK, if you access a computer without the authority to do so, this would likely constitute a breach of the Computer Misuse Act. This means that if credentials such as an email address and password are identified, while it would be possible to use those credentials to collect the relevant data, it still may not be possible to do so legally without additional steps seeking the relevant authorisation.