Please don't yell at me - I did search before posting this.
I've read the posts and it seems that all encryption software requires admin priviledges so I just wanted to find out what others are doing for creating a minimum level of security. If we can't encrypt - then what can we do? Please don't list only free solutions. I don't care if I have to pay for something if it will work.
I have several questions:
1. How do I keep my passwords safe if anyone can use my FireFox? Should I simply tell it NOT to save passwords and use a third party manager like RoboForm2Go to save the passwords?
2. Is there another option that works for people for securing document files? Is a password enough?
I just wanted to get some discussion going as it seems that we're stuck with an insecure drive that if lost could compromise privacy and security. There must be a better way. I just don't have admin priviledges in the places that I will use my drive.
Thank you for your help on this.
Visit the Community page
Join our forums
Subscribe to our email newsletter
Subscribe with RSS
Follow us on BlueSky
Follow us on Facebook
Follow us on LinkedIn
Follow us on Mastodon
Follow us on Twitter
Something like KeePass Portable or RoboForm will keep your passwords secure. Even within Firefox Portable 2, your stuff is encrypted. As for documents, OpenOffice.org encrypts them when you password protect them.
Sometimes, the impossible can become possible, if you're awesome!
If you already use KeePass and want to encrypt documents, simply create attach them to an entry. You could even create individual entries for each document. The downside is the the documents will need to be saved to disk each time you want to open/edit them. This works well for documents that you need, but seldom edit.
If you choose to save your passwords in firefox, then you should also protect with a Master Password (Tools - options - security - Use a Master Password). That way, no-one who uses your firefox portable will have access to your passwords (unless they know your master password). This is what I do, and it's one of the main attractions to firefox for me (to have this functionality built-in).
thanks. based on your advice I did set the master password and I'm experimenting with Roboform2Go. I may use that as well.
I'm wondering. Could I somehow copy or save files to a zipped folder that would have a master password? This way I wouldn't need to password protect individual files. What might be the best Zip utility to do this?
And you can do it right within 7-zip Portable.
Sometimes, the impossible can become possible, if you're awesome!
I can't seem to get 7-zip to do anything. It's file manager does not even have a command to compress or zip - let along encrypt or password protect. I must be insane but can you point me in the right direction?
Just so you don't feel too stupid, I call myself a geek and personally don't find 7-zip to be very intuitive at all [e.g. open inside, open outside ???]
Tim
Geek w/o portfolio
Things have got to get better, they can't get worse, or can they?
Navigate in 7-Zip's "file manager" (as you call it) to the file(s)/folder(s) you want to compress and highlight it/them then click on the "Add" button with the big, green plus sign on it which will bring up a dialog for options. You're "Adding" that file/folder to the compressed file.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
I know the encryption is the same as anything else, but doesn't the fact that you have to delete the files after extracting / decrypting them pose some sort of potential security loophole?
Thanks,
Adam
Thanks,
Adam
Depends if you have a good hex editor or not, and know how to use it.
[e.g. open inside, open outside ???]
Open within 7zip using a plugin, open outside 7zip using another program. Same as saying read it using 7zip viewer, or read it using notepad.
You're only as safe as time, type of passwords you use, and keys.
----------------------:)
Did you know that the entire operating system use to fit on a 5 1/4" floppy disk!
Gotcha
Thanks,
Adam
Thanks,
Adam
what do you recommend for a workflow? Should I unencrypt the file to another directory, work on it and then copy it back to the encrypted directory?
Also, I set the zip files and directories up with passwords, but suddenly it is not requesting them. Is there a way to reset them easily?
Is there a way to automatically delete unzipped originals when they files are zipped?
Should I unencrypt the file to another directory, work on it and then copy it back to the encrypted directory?
Doing that would be bad as an unencrypted copy of the file would be left over unless you used one the the "file shredding" programs out there to overwrite the storage medium the file(s) occupy.
Cancer Survivors -- Remember the fight, celebrate the victory!
Help control the rugrat population -- have yourself spayed or neutered!
I don't do allot of encrypting, some, but for other reasons. I find using something other then MS works, such as OpenOffice is enough of protection. For their is some 200 programs out there to recover forgotten passwords on every MS product you could think of. I haven't found one for OpenOffice, but that doesn't mean that 'Cain & Abel' wouldn't work ether.
I've tested OpenOffice with passwords and it's not bad. I couldn't read it or see into it.
As for zips, Winrar performs the best for password protection. 7zip is nice to have for a portable zipper, but runs about even with Winzip for password protection... about zip.
One thing to think about, with all that encrypting/unencrypted file access, how long you think the drive will last!
If you password lock your files, do it right. Nothing less then 9 characters, with upper, lower case, numbers and non-alpha characters.
This would take less then 30 min. 'dogwar', this maybe a day 'Dog1War', this months 'Wa0^D9org'. Harden passwords over 8 characters work the best, of course, now you need a password keeper.
----------------------:)
Did you know that the entire operating system use to fit on a 5 1/4" floppy disk!
OK, I'll try password protecting key files (a pain though as I don't need that on my main system) but I'm still looking for better solutions. If I can't encrypt other than with passwords are there any security programs that obscure data - hide directories and files without a password. This would at least provide a modicum of security for all but the most determined users.
Due to the limitations of FAT partitions your only option is software. There is allot of programs out there that clam to lock, hide and password protect file systems, just have to try one.
----------------------:)
Did you know that the entire operating system use to fit on a 5 1/4" floppy disk!
[quote]
7-Zip supports encryption with AES-256 algorithm.
This algorithm uses cipher key with length of 256 bits.
To create that key 7-Zip uses derivation function based on SHA-256 hash algorithm.
A key derivation function produces a derived key from text password defined by user. For increasing the cost of exhaustive search for passwords 7-Zip uses big number of iterations to produce cipher key from text password.
http://www.7-zip.org/7z.html
[/quote]
Just use keepass (or some other FOSS password-manager)
to generate a strong random pw (and remember it).
good luck bruteforcing that !
I use SecurFlash from http://www.encryptx.com/. It isn't free - but only about £7. Well worth a look in my opinion!
This may be what I'm looking for but here's the $24,000 question - do I need administrative rights on the computers I put my flash into? It seems there are many encryption programs, but most will not work in an internet cafe where you have limited rights.
I've been investigating the same issue. I'm leaning towards Truecrypt - www.truecrypt.org. It's open source (pre-installed on Corsair's Flash Voyagers) and powerful.
The problem of needing administration rights remains for the person on this thread who is concerned about that. The Truecrypt FAQ (www.truecrypt.org/faq.php) suggests using BartPE - www.nu2.nu/pebuilder/ to get around this issue.
But using that would mean having to boot into the cd or usb every time you want to use the encrypted volume, not very user friendly in my book. I would just want it to run from my native windows, so it does not really help now does it?
***********************************
Deuce {The Core}{Dev Blog}
Portable Software: Just the beginning.
Deuce
Portable Software: Just the beginning.
There are ways around booting your Windows pc and using BartPE. On the USB stick run QEMU and have it configured to boot BartPE which can then access your encrypted data volume. [g]
Ed
Ed
is ok. A little slow and buggy for me though.
***********************************
Deuce {The Core}{Dev Blog}
Portable Software: Just the beginning.
Deuce
Portable Software: Just the beginning.
I've been looking at TrueCrypt pretty hard for the past few days myself. I'm satisfied with KeePass and the portable versions of Firefox and Thunderbird as far as protecting my information. It's the documents that have sensitive information I'm concerned with. I have enough PDF, doc, xml, ini, etc files that password protecting them all is just not feasible.
I've done some testing and have found that TrueCrypt can create an encrypted repository on the flash drive. The admin privileges come in because after you create this repository you MUST mount it. At that point a drive letter is assigned and you can work freely with the files contained in the repository. When you're done you simply dismount the repository. All files contained within it stay encrypted. The repository is as easy to work with as a file. You can copy, move or delete it.
The above is a watered down version of what really happens, so please don't flame me for not being technically accurate. From the novice perspective this is (for me) exactly what I'm looking for, a secure location on my flash drive to place sensitive information. Now if there was just some easy way around being able to mount the repository on a guest account!
I use databank portable i have over 50 gigs in dif folders in it all encrypted and i dont need admin rights and no one can see the folders.