So you have encrypted all your files & stuff with an encryption tool thinking that you are secured…
But ask yourself these three questions…
1. Can you count your password on your fingers?
2. When was the last time you changed your password?
3. Have you ever felt that someone is still able to access the data?
4. Did I say three questions? 😀 😀
Think of this situation that a guy next door is able to brute force your password with some cracking tool… Yea’ what you read is right… There are plenty of open source tools which can brute force your password within seconds (milliseconds if you are very poor at naming you password 😛 ). The awareness of hacking and hacking tools is growing rapidly and even a naive computer user can also be able to download and try these tools.
I think this is one thousandth time you are reading this sentence (or probably more if you are regularly visiting eBay & Amazon). 😉
“Please use a password that contains lower case, upper case, symbols and numbers”
I know that it’s very embarrassing to type a password which contains numbers, upper and lower case alphabet and some freaky symbols. Of course the only concern we people have is that typing such passwords takes 2 or 3 seconds more than the regular ones. Well I am not saying that passwords like ajB83#&%(gs&$J^&(^+*(, shfiu(&87ad$%%$^KGauau* will help you (as they really seem like a Russian cursing at me) and it’s impossible to remember (even though you remember, it takes at least 30 attempts to type correctly). 😀
But you could create some random passwords from your personal life situations or your experiences like “My first breakup is on 14th February 1991” and convert it into a password like “My1stPlaN3” . And obviously it is very easy to remember if we try linking up to the situation instead of remembering password itself.
Nerds outside say that “We recognize the importance of a password only when someone steals our data…” 😉 A password is like toothbrush. Seems funny but rather perfect resemblance. The longer you use them the more chances that you are gonna get effected. So I recommend that it’s a very good practice if we change our passwords frequently (and tooth brush too.) 😉
There is a quote of my own… “At any given point of time, Hackers are better than Developers”. So whatever developers try good, hackers try better. We must not give them a chance to take a shot on our password and we must be best at choosing passwords.
So well now coming to the topic (Oh! What?? Am I not reading the topic till now? 😛 )
One of the least bothered areas in the security world is file encryption. “TrueCrypt” is the best opensource tool developed for the sole encryption purpose. “TrueCrypt” uses a unique way of encrypting files by combining more than two encryption algorithms and giving a hash key as an input to this encryption algorithm which is generated by a toughest-to-crack hashing algorithms.
Research says that there are some brute-forcing tools which can scan up to a billion passwords a second (if I am not wrong). Of course there is no exemption that the TrueCrypt’s password can’t be cracked. There are many incidents where some hackers bypassed this TrueCrypt because of poor passwords used by the end-users.
Tools like TrueCrypt are extremely good at securing data but on one condition. That is using a good password (having all the conditions listed above) and which is more than 20 in length. The only small contribution we have to do is to provide a good, complex (and a memorable) password to this TrueCrypt and then everything is set. And a kudos that you are one of the guys who got secured with your data.
The hash key generated by this TrueCrypt and a complex password specified by the user is such a complex thing to crack that it take a light year to bypass the system even by the combination of a best bruteforcing tool and a high-end super computer designed till date.
Happy Passwording!!! & Happy Encrypting!!!
fixnix 