[AccessD] Encrypting your stuff was offsite backup

max.wanadoo at gmail.com max.wanadoo at gmail.com
Sat Nov 17 03:33:16 CST 2007


Hi John,
Yes, this is something that I will now set up, especially for my laptop and
memory stick.

FYI I also use cGeep to encrypt sensitive emails (www cgeep com) which uses
PGP encryption plus there is a web based version for those who do not want
to install it.  It can also encrypt files/directories directly which avoid
the need to mount a volume.  But what is great with TrueCrypt is that it
will run apps or all kinds directly from the encrypted file without storing
any decrypted data anywhere other than in memory.

All in all, in a few weeks I will have great encryption right across the
board.

Another trick which is easy to remember is "positioning" keys. Ie,
"qazwsxedcrfvtgbyhn" which if you look at a keyboard you will see that it
just traverses up/down across the key pad.  As long as  you remember
whatever positioning you use, then you actually do not need to even remember
the passphrase.  Needless to say, this positioning example is not my one
<smile>.  Throw a couple of other keys in with the alpha keys then it just
won't make any sense if terms of "real words" for brute force decryption
(although I think the TrueCrypt mention something like a billion years to
decrypt with a  supercomputer, so pretty safe really).

Max
 

-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of jwcolby
Sent: Friday, November 16, 2007 9:46 PM
To: 'Access Developers discussion and problem solving'
Subject: [AccessD] Encrypting your stuff was offsite backup

I use this for my own protection.  My laptop contains an encrypted file that
contains my Colby Consulting stuff (books, etc).  I have another encrypted
drive that contains all client projects.  Thus if the laptop ever does take
a hike, all data is encrypted.  the other nice thing about this is that you
can backup all your work by copying a single encrypted file to a backup
location.  If that backup location ever takes a hike no data is exposed.

I have a usb memory stick (just 1 gb for now) where 3/4 is an encrypted
file.  If I ever need to carry anything on my person, it is encrypted.  The
TrueCrypt program is stored on the unencrypted part and can be run from
there.  Thus I can stick the memory stick into a machine, run TrueCrypt,
mount the drive and copy files to/from.  Of course you do have to have admin
rights in order to do this.

I have been using this for about two years now and it just works.

Just don't forget your password.

I use the first character from a phrase or song, along with special
characters and numbers which make it dead simple to remember when you are
first learning your password.  For example take two nursery rhymes:

Mary Had A Little Lamb His Fleece Was White As Snow MhAlLhFwWaS (use
alternating upper and lower case) Throw two numbers in front of, behind or
around it
0MhAlLhFwWaS9
Now throw two special characters in front of that !0MhAlLhFwWaS9@

That all by itself is a pretty secure password.  If you want more, do that
twice, perhaps

Jack And Jill Went Up The Hill To Fetch A Pail Of Water #8JaJwUtHtFaPoW7$

!0MhAlLhFwWaS9@#8JaJwUtHtFaPoW7$

You get the picture.  Either one is a good password, the two together are
pretty industrial strength, and dead easy to remember until you have it
assigned to muscle memory.  Pick a favorite saying, slogan, song, whatever
you already have remembered and just use the first character of each word,
plus numbers and special symbols.  

Someone (on this list IIRC) claimed they had a password cracker that would
crack any password in XX seconds.  I think not.  My password is 21
characters long using a simple system like that and takes me about 10
seconds to type in.  10 seconds is not too much to ask for an industrial
strength memorable password.

http://www.lockdown.co.uk/?pg=combi&s=articles

John W. Colby
Colby Consulting
www.ColbyConsulting.com
-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of
max.wanadoo at gmail.com
Sent: Friday, November 16, 2007 2:11 PM
To: 'Access Developers discussion and problem solving'
Subject: Re: [AccessD] Off-Site Backup


Hi William:

Here is such an article which bears out your client's concerns:

SECURITY? STICK IT!
A recent survey by Tower Software has revealed that 49% of employees store
work-related files in multiple locations - posing serious security threats
and exposure as well as compliance and information management issues. 
To read the full story follow the link below...
<http://nfptechno.netxtra.net/3805.article?ref=538&cmr=1234180> 


I have the FE secured with user logins, etc.  The BE is password protected.
Both ends (now) contained within encrypted files.  Backups now contain
encrypted files.  Totally secure from "outsiders".

BUT! - once you are in the system, a (valid) user can still "do things"
unless he/she is totally restricted by the various methods outlined in
postings to this site. Ie. Menu systems, exporting options, printing data
options, etc.

At some stage there has to be employee trust.  Ie, unless I am trusted
(being the developer) then nothing else works.

Max




-----Original Message-----
From: accessd-bounces at databaseadvisors.com
[mailto:accessd-bounces at databaseadvisors.com] On Behalf Of William Hindman
Sent: Friday, November 16, 2007 6:22 PM
To: Access Developers discussion and problem solving
Subject: Re: [AccessD] Off-Site Backup

...whoa! ...now there is something I'd never considered ...I have a client
that is very concerned about employees stealing his data ...I'll have to
take another look at this.

William

----- Original Message -----
From: <max.wanadoo at gmail.com>
To: "'Access Developers discussion and problem solving'" 
<accessd at databaseadvisors.com>
Sent: Friday, November 16, 2007 9:26 AM
Subject: Re: [AccessD] Off-Site Backup


> John Colby:
>
> Many thanks for the pointer to TrueCrypt. This is fantastic!  I now 
> have all my BE Data in an encrypted file on the Server and the FE's in 
> an encrypted file on user's PC's.  Even if they steal all the 
> computers they will never get access to the data without my 40 char 
> key to mount the volumes.
>
> Brilliant tip, John.  Many thanks
>
> Max

-- 
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com




More information about the AccessD mailing list