Any explanation of Why to not store passwords in plaintext and encrypt folder in zip archive (I guess U cant break pass?) Pls don’t be agressive!!

  • utopiah@lemmy.ml
    link
    fedilink
    arrow-up
    17
    arrow-down
    1
    ·
    11 months ago

    Depends against whom you are protecting yourself. If it’s against

    • your younger sibling then it’s probably sufficient
    • some script kiddie or scammer running scripts against the most typical setups, might be just obscure enough
    • a proper targeted attack, then it will depend on which zip software you are using. Most likely the stock one that might (I didn’t bother checking) relying on something that is far from the state of the art in terms of encryption. In that case it will most likely not be secure.
    • a proper attack but you use something like 7z with encryption that is relatively resilient, then most like if you are not facing state actors with huge amount of resources to try to crack it, most likely secure

    Note I’m NOT a security expert so… don’t believe me.

    • Billegh@lemmy.world
      link
      fedilink
      arrow-up
      4
      ·
      edit-2
      11 months ago

      I don’t know that I’d really add more. It all depends on who and what you’re protecting against. The only thing that’s secure is something that doesn’t exist.

      National level hackers have access to resources you might not be able to think of. And if they really want in, rubber hose cryptography is super effective. But most “hackers” on the Internet? And encrypted zip is often enough to deter them. Not impossible, but you might not be worth the time and effort.

      In summary, there is better. Much better than an encrypted zip file. But only you can judge if you’re a juicy enough target to pursue more esoteric protection.