Backing up Bank Details to the cloud.

danjo-xx · 29-06-2015 8:52pm #1

Think I know the answer to this, but I have my bank details on a flash drive and then backed up to another flash drive.

All info in a password protected excel file.

I'm reluctant to make a hard copy and keep in the house, and have no one that I could really ask to keep a copy of the file.

Would storing a copy on 4 shared for example be a mad idea, and would it stay password protected up there.

Oink · 29-06-2015 8:57pm

I don't know if the latest version of excel is any different, but I remember a while back it used to take my friend 1.5 minute to crack an excel password.

And whatever you do, do not assume that your data is 100% safe on a 3rd party site/cloud.

Also, read your banking t&c again, because doing that may breach the terms about taking reasonable precautions to safeguard your banking details.

lickme · 29-06-2015 9:10pm

All depends on the strength of your password and don't save the file as banking details, something like car parts etc. No Dictionary words, capital and small letters, plenty of symbols etc. I'd use true crypt personally or winzips encryption. Something in the lines of a password like D3f@$67g^^g56%=

maki · 29-06-2015 9:58pm

lickme wrote: »

All depends on the strength of your password and don't save the file as banking details, something like car parts etc. No Dictionary words, capital and small letters, plenty of symbols etc. I'd use true crypt personally or winzips encryption. Something in the lines of a password like D3f@$67g^^g56%=

Not useful in this case. A complex password like that won't be easy to remember and the OP will need to save it in a file somewhere, which will need to be password protected...

Relevant xkcd.

ED E · 30-06-2015 12:06am

TBH this is one area why I'd go full luddite. Its actually really really difficult to get pwnd with a hard copy, if you keep a small sheet of paper in a place where nobody will look you're very safe. One mistake with a "passwords file" and you're done for. Every time you open that excel file your passwords are stored in PLAIN TEXT in a temp directory.

If you're storing cryptographic keys say, then theres a need to keep multiple copies, but bank access info doesnt require this as if theres ever data loss you'll have a recourse method with the bank (letter with a new pin etc).

Atlantic Dawn · 30-06-2015 12:11am

Excel passwords are not at all secure, can be easily cracked.

Dravokivich · 30-06-2015 8:51am

lickme wrote: »

All depends on the strength of your password and don't save the file as banking details, something like car parts etc. No Dictionary words, capital and small letters, plenty of symbols etc. I'd use true crypt personally or winzips encryption. Something in the lines of a password like D3f@$67g^^g56%=

Not with Excel. It was at once one of the most pirated software suites out there. Don't use what's considered a "protective" feature within it.

A lot of people in corporate environments do this themselves with excel trying to make things "extra secure" only to forget the password. It's nothing special to get around it.

maki · 30-06-2015 11:04am

Atlantic Dawn wrote: »

Excel passwords are not at all secure, can be easily cracked.

In older versions of Excel yes. Office 2007 onwards uses 128-bit AES which is completely secure assuming a strong key.

mach1982 · 30-06-2015 11:48am

I would encrypt the usb using something like true crypt

http://www.howtogeek.com/61810/how-to-protect-your-flash-drive-data-with-truecrypt/

draiochtanois · 30-06-2015 11:53am

This post has been deleted.

moc moc a moc · 30-06-2015 9:29pm

maki wrote: »

In older versions of Excel yes. Office 2007 onwards uses 128-bit AES which is completely secure assuming a strong key.

And how, pray tell, is the strong key generated? Bearing in mind that a password is not used as an AES encryption key. The question then becomes "how secure is the key-generating function".

maki · 30-06-2015 10:32pm

moc moc a moc wrote: »

And how, pray tell, is the strong key generated? Bearing in mind that a password is not used as an AES encryption key. The question then becomes "how secure is the key-generating function".

I'm assuming Microsoft use their own DPAPI for Office, and so will use PBKDF2 to generate the key from a passphrase. This relies on the passphrase being long enough of course, but my point was that the encryption can no longer be "broken" as was possible pre Office 2007.

danjo-xx · 01-07-2015 9:41pm

thanks lads, as I'm 66 think it might be safer to go with a hard copy stored somewhere in the house that hopefully I will remember or someone else will if I get Alzheimer's or worse.:D

_Tombstone_ · 03-07-2015 11:02pm

Use 7 words from the 7th line of the 7th page from some book with truecrypt.

That be a big ass password, then you just have to remember what book it was.

ressem · 04-07-2015 2:37pm

Definitely stay with a hard copy. Preferably in a fire / water retardant document wallet, together with insurance details, will, health documents.

Excel docs and truecrypt files are vulnerable to corruption making them a major technical effort to read, whether stored locally or on the cloud.
So if you follow this route you'll need to keep lots of copies, preferably some off-line.

mada999 · 07-07-2015 12:38am

you prob dont need to write down a hard copy password..

A good way could be :

Grab your favourite book on your book shelf... open a page and remember the page number or just write down the page number somewhere..such as 'bank password' = 23

use the first letter in each line of text and for each paragraph use a symbol... first paragraph use ! second paragraph use " and so on..

or you could use the first letter in each paragraph and use ! and " in between and so on and so on...

Backing up Bank Details to the cloud.

Comments