File (Excel) Security

[DocTom]

Can any experts assist me with the following?

I am concerned as to how secure is a Microsoft Excel file (or other similar), given that I use a password that I can set within the Excel programme. Will details contained therein, such as access codes to my financial accounts on websites, be safe from phishing or other attack via the web to my computer? ( I am getting old and cannot remember all the access details so I have to make a record somewhere! But it is imperitive that I do not expose my accounts to theft.))

I will appreciate any authoratative guidance.

DocTom.

[Chamezz]

Write it down on a piece of paper, and put all sensitive files on a USB-drive, which you only plug into your computer when transferring files to it.

[thaimite]

The password security of Excel is not that good, and can be defeated by a determined hacker. Do a Google search on Crack Excel; Password and see how many there are!

Later versions of Excel are are better than older ones.

You do not state what OS you are using, or what type of records and passwords you want to keep secure.

I use Keepass for passwords and bank details etc which has relatively secure encryption. and also Truecrypt is a product that will encrypt your data or put it on a hidden encrypted drive Putting your Excel file in a TrueCrypt folder would be a good alternative

Both systems have their advantages and disadvantages,

Like any secret the best security is not to let anybody know you have it. If everybody knows that all your bank details and other personal details are in Excel then that is the first weakness.

There are many ways of hiding and securing infomration and you have to find the one that is best for you, but if your are really paranoid about somebody getting your information then I would not recommend Excel especially if others have access to your computer and your Excel file is named "All My Passwords.xls" or similar

I used to use the middle 4 digits of a certain persons phone number as my bank PIN code. That way the number was easy to find on my phone, but it never looked like a bank PIN. All I had to do was remember whose name I had associated with my bank PIN

[thaimite]

Write it down on a piece of paper, and put all sensitive files on a USB-drive, which you only plug into your computer when transferring files to it.

Great idea until you lose the USB drive or worse.

[Crushdepth]

Download Password Safe and store your sensitive details in that. It stores them in a strongly encrypted form, and there is a USB version. You just need to remember the password to the safe - if you choose a strong one your details will be well protected and you don't have to worry if you lose it.

[Chamezz]

Write it down on a piece of paper, and put all sensitive files on a USB-drive, which you only plug into your computer when transferring files to it.

Great idea until you lose the USB drive or worse.

Obviously you would keep it in a safe place, and have redundancies.

[DocTom]

Once again I am impressed enormously by your knowledge and your generous assistance. I shall examine the products that you mentioned - I cannot rely on not losing items, so the memory stick is not a good option for me.

Thanks again,

DocTom.

[p_brownstone]

Google "Hide Folders 2009" - this software will effectively hide any Folder on your Computer - the private Folder / s are invisible to anyone who does not possess the Password.

Patrick

[supashot]

Once again I am impressed enormously by your knowledge and your generous assistance. I shall examine the products that you mentioned - I cannot rely on not losing items, so the memory stick is not a good option for me.

Thanks again,

DocTom.

Thumb drive is the safest option IF encrypted, use http://www.truecrypt.org/ to crypt the drive. Very easy to do.

[thaimite]

I agree a Thumbdrive and True Crypt is a good idea, but you DO NEED a backup

I use TrueCrypt inside a DropBox folder. This gets over any privacy concerns such as have been recently expressed about DropBox. . SpiderOak is a good alternative to Dropbox and a little more secure, but I would still use a TrueCrypt folder with it. (Just because I am paranoid does not mean that somebody is not out to get me!)

Using DropBox / SpiderOak, my data is available at work, home and any other location I may want to access it, and it is almost impossible to loose

For general passwords and bank details I use KeePass 2 which again is stored in DropBox and is also accessible from all locations including my (NOT I)phone

Using a combination of Linux and Windows has limited my selection of software but there are versions of KeePass and TrueCrypt for all operating systems.

[DocTom]

Guys - many thanks for your advice. After looking at the various options I thought that SafeHouse would be the best for me, so I have installed this and I think that I can now rest assured that my files are reasonably safe.

What a great site this is for getting knowledge and advice! Thanks again.

DocTom.