Passware Forensics Kit is much advertisement, less action. Its capabilities may be divided in two categories: recovering passwords and  obtaining encryption keys. To put it simple, these are bruteforce and  firewire attacks respectively. Any encryption software ever created is vulnerable to these attacks, however with sufficient limitations. 


1. Bruteforce attack. This attack is based on the exhaustive search method, when every possible combination is being tried as your password.  This attack usually takes lots of time and resources, and for long and  secure passwords created keeping these recommendations in mind:


the process would take hundreds of years. Also, with BestCrypt v.9 you may change the so-called  key-stretching parameters to set 1 attempt to guess your password take  several seconds instead of common thousand's part of a second. This  require thousand years for bruteforce to succeed. 


2. Firewire (Cold Boot) attack. This attack works smoothly and no encryption software is protected. However, to make it work, one would need the  following: 


a. Target computer is turned on, encrypted drives are mounted.

b. Intruder has physical access to the target machine.

c. Target computer has firewire port.

d. Intruder has another computer with him, it also has a firewire port.


If these conditions are met, the attacker may succeed.

For me, it sounds like nonsense. If I am worried about security enough to encrypt my drives, why would I leave my computer turned on with  encrypted drives mounted? In that case, it is easier to just access the  data directly, not by dumping memory or scanning for keys. OK, let's  assume someone breaks in unexpectedly.

In the context of "Cold Boot Attack", our recommendations are:

1) Do not leave your computer with opened BestCrypt containers.

2) Do not send your computer with opened containers to hibernate mode.

3) In case of an alarm, use "Hot key" functionality for fast  dismounting BC containers. 

4) In case of forced power-off, if you have UPS device, you will have the great advantage – because you will have a time to dismount the containers or to perform smooth shutdown.


So even though both these attacks are real threat, they can be hardly implemented in real life, only if user is careless enough to use weak  password or let his machine exposed.