When you encrypt a file or a hard drive, is it really secure?

Porcupins asked the Antivirus & Security Software forum if encryption standards like AES really make your data secure.

Porcupins asked the Antivirus & Security Software forum if encryption standards like AES really make your data secure.

There's no such thing as perfect security. Someone with sufficient time and money, and a strong enough motive, can crack anything.

So the real question becomes: Is your encryption secure enough. And the answer is: If your encryption software uses a recognized and respected standard such as AES or Blowfish, and you use strong passwords and take other precautions, it almost certainly is.

[Email your tech questions to answer@pcworld.com or post them on the PCW Answer Line forum.]

Given enough time or processing power, any password can be cracked through a brute force attack--where a program throws words and random character strings at an encrypted file until it stumbles upon the right password. But with a sufficiently strong password, the time and processing power required is just not practical.

To get an idea of how quickly a password can be cracked, check out How Secure is My Password? When I tried the word password, the web site told me that a conventional PC could crack it "almost instantly." On the other hand, if I used a random string of eight lowercase letters, my files would be safe for all of 52 seconds. But a string of 18 characters, including digits, punctuation, and upper- and lowercase letters, would remain safe for "3 quintillion years." I think that's sufficient--even assuming the use of hardware more powerful than a single PC.

But back up your strong passwords with other good habits. Always be suspicious about possible scams. Keep your security software up to date. Never share a password with anyone with whom you wouldn't share a credit card account. And if a Web site offers two-step verification, use it.

When you come right down to it, your security system doesn't have to be 100-percent impenetrable. It just needs to be harder to crack that most other, equally-tempting targets.

See Learn to use strong passwords for more on protecting yourself. And read the original forum discussion.

Join the CSO newsletter!

Error: Please check your email address.

Tags Linesecuritypasswords

More about AES Environmental

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lincoln Spector

Latest Videos

More videos

Blog Posts

Market Place