I would like a simple way to password protect a single text file under Windows. It contains all my many passwords, credit card numbers, etc. I could google it, but I would like one that someone on the boards knows is virus-free.
From Office 2007:
To encrypt your file and set a password to open it:
Click the Microsoft Office Button , point to Prepare, and then click Encrypt Document.
In the Encrypt Document dialog box, in the Password box, type a password, and then click OK.
You can type up to 255 characters. By default, this feature uses AES 128-bit advanced encryption. Encryption is a standard method used to help make your file more secure.
In the Confirm Password dialog box, in the Reenter password box, type the password again, and then click OK.
To save the password, save the file.
Rather than doing that, or if you don’t have Office, you might find it worth it to use a “password manager” program like KeePass, which is expressly for your task.
I use KeePass. To do more extensive encryption of whole file heirarchies I use truecrypt.
For simple one offs I use Winrar which can creat a zip file with encryption. For keeping all my passwords etc I use Treepad pro which uses encryption. For anything else I have a 5 gig file setup in truecrypt.
Another thing about a password manager is that it usually contains a “generate random password” function. Since using KeePass, I find I’ve been doing that. If it’s something I don’t use very often, using KeePass to retrieve the password is no big deal. If it is something I use often, after several times I will remember the random string.
My passwords are in a password-protected Word document with an innocuous name.
Programs that I use daily and trust:
Virus-free and no known backdoors. Can be run from a USB stick.
Programs that I would never trust:
Any version of Office, Outlook, Outlook Express or WinZip, mostly because these products used to have very weak encryption. I don’t really care if the security has improved today, because TrueCrypt and KeePass are much better programs for this purpose anyway.
Googling for “password recovery” gives you a long list of programs to avoid.
A trick I learned a long time ago was to not only not to name the file “passwords” but not to actually list the user name and passwords together. In other words, my table might look like:
Site Username Password ---- -------- -------- A user0001 passwd3 B user0002 passwd1 C user0003 passwd2
Even better is to store clues rather than passwords themselves. If the password is my username backwards, for instance, I might store as a clue my real name backwards. In actual practice, I tend to store the first couple of characters of the password, then asterisks then the last character.
I use a very simple program called AxCrypt. it’s free and easy to use.
How does that help if you forget the arrangement of your list, or if you forget what the stars stand for? At some point, in my opinion, security begins to overwhelm productivity, and, honestly, I think your style is past that point.
One has to accept reasonable risk, I think. Nothing is 100% safe, nothing.
Here’s my calculation: what are the chances of someone breaking into my home and stealing my computer? Slim. What are the chances, if my computer is stolen, that the thief or fence is interested in attempting to find a file with my passwords in? Slim. What are the chances that, if they are so interested, they will be able to identify that file? Slim. What are the chances that, if they do identify that file, that they have the ability to break through the password protection and encryption? Everybody join in now!–Slim.
That’s a lot of slim chances added together, and frankly, should all those slim chances fall into place, for me that falls into the “shit happens” category, and I’d expect to be struck by a meteor or win the lottery the next day. I’ve taken what I consider to be reasonable precautions that do not interfere with my ability to perform my tasks in an unwarranted degree. Obviously, YMMV.
For little text documents like that I just compress them with Winrar and put a password on that. Winrar can encrypt file names and whatnot as well. I’m sure the NSA could probably break into that file but it’s plenty good for just regular use.
WinRar uses 128-bit AES encryption, but only for the .rar format, not .zip