Are encrypted files really that secure?

There’s no such thing as perfect security. Someone with sufficient time and money, and a strong enough motive, can crack anything.

So the real question becomes: Is your encryption secure enough? And the answer is: If your encryption software uses a recognised and respected standard such as AES or Blowfish, and you use strong passwords and take other precautions, it almost certainly is.

Given enough time or processing power, any password can be cracked through a brute force attack – where a program throws words and random character strings at an encrypted file until it stumbles upon the right password. But with a sufficiently strong password, the time and processing power required is just not practical.

To get an idea of how quickly a password can be cracked, check out How Secure is My Password. When we tried the word password, the web site told us that a conventional PC could crack it “almost instantly.” On the other hand, if we used a random string of eight lowercase letters, my files would be safe for all of 52 seconds. But a string of 18 characters, including digits, punctuation, and upper- and lowercase letters, would remain safe for “3 quintillion years.”

We think that’s sufficient–even assuming the use of hardware more powerful than a single PC.

But back up your strong passwords with other good habits. Always be suspicious about possible scams. Keep your security software up to date. Never share a password with anyone with whom you wouldn’t share a credit card account. And if a Web site offers two-step verification, use it.

When you come right down to it, your security system doesn’t have to be 100-percent impenetrable. It just needs to be harder to crack than most other, equally tempting targets.

Previous ArticleNext Article

Leave a Reply


The free newsletter covering the top industry headlines

Send this to a friend