Good encryption programs assume that once a user is granted access to the computer, then decryption of data will take place automatically behind the scenes so as not to interfere with the user's work flow. By simply guessing or finding the logon password, someone will always have access to encrypted data, unless time is taken to create a unique encryption key for each data file. Creating these individual encryption keys can be more costly than the creation of the data, and in general is so time consuming and confusing that it simply isn't done. What's more, not all encryption systems are created equal. Bad encryption programs provide encryption that can be easily decrypted with utilities found all over the Internet. So, the result is that data encryption - even good encryption - doesn't protect you within the context of the security problems of password-based access control.