Preventing Headaches with Encryption

October 26th, 2007 | Posted in Encryption, Privacy, Security | 1 Comment

These days it seems like every few days you can find a story about a laptop being stolen or lost.  Inevitably it seems that when these machines go missing there is almost always some kind of sensitive information on them.  Often it seems it’s just a case of somebody taking some work home and then their laptop is stolen.  Next thing you know their company is having to notify thousands of people that some of their personal information or customer data… something…. could potentially be in evil hands.  Now I may be stating the obvious here, but if they had used some simple Computer Protection system, such as encrypting sensitive files or maybe even the entire hard drive, it would at lest make sensitive data harder to get at.

Of course, even with such a system in place, the next hurdle is to get users to exercise proper care with regard to passwords.  You can’t just use your wife’s birthday or you old locker comination.  This kind of thing is not only subject to people (if they’re determined enough, it does depend on what you’ve got encrypted.) digging into your life and past, finding out information about you and your family and using it to aid in cracking the password.

Then again, even if you do have a better password than that, if it’s less than 8 or 10 characters long then it’s going to be fairly easy to be cracked by “brute force” alone… trying every possible combination until the right one is found.  That’s why it’s better to use an actual passphrase instead of just a word.  Ideally it should contain both upper and lower case letters, numbers, and other special (printable) characters that you can type (such as @#$%^_) and it should be at least 15 characters long.  Ideally it should be 30 characters or more.  At the very least, it needs to be as long as you can consistently remember.

Above all, if you’ve got important data to keep secure and you’ve gone to the trouble of getting and using strong encryption and creating a strong passphrase, NEVER, EVER, EVER write it down!  That just makes it too easy for the “bad guys”.

Technorati Tags: , , , , ,

If you enjoyed this post, make sure you subscribe to my RSS feed!
Link to this post:
Just copy this code and paste it on your site where you want the link to appear:

One Response to “Preventing Headaches with Encryption”

  1. I recently wrote a post about three free encryption programs that I use on my laptop for exactly the reasons you state. I particularly like TrueCrypt which creates an encrypted virtual disk. It’s very convenient which is one of the key things that encryption should be.