📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

How secure is Google Drive for holding bank information?

Options
1246

Comments

  • pramsay13
    pramsay13 Posts: 2,154 Forumite
    Part of the Furniture 1,000 Posts Name Dropper
    I'm perfectly comfortable with all my sensitive data on google drive.
    I think google will be one of the most careful to keep their data secure as any major breach would be catastrophic for their business.
  • benjus
    benjus Posts: 5,433 Forumite
    Part of the Furniture 1,000 Posts
    AndyPix wrote: »

    That tool requires access to the private key that was used to encrypt the document (i.e. it's designed for IT departments of large organizations to be able to remove password protection from documents encrypted within the company's systems). You can't just use it with any arbitrary document.
    Let's settle this like gentlemen: armed with heavy sticks
    On a rotating plate, with spikes like Flash Gordon
    And you're Peter Duncan; I gave you fair warning
  • AndyPix
    AndyPix Posts: 4,847 Forumite
    Fifth Anniversary 1,000 Posts Name Dropper Photogenic
    pramsay13 wrote: »
    I'm perfectly comfortable with all my sensitive data on google drive.
    I think google will be one of the most careful to keep their data secure as any major breach would be catastrophic for their business.


    ^^ This ..


    And in reply to the OP, all this went slightly off topic and you are right, it is not something to worry about for the level of security required for your application
  • mt99
    mt99 Posts: 472 Forumite
    As stated above, that link is for when you have password protected document with a public/private key pair, and the admin needs to have previously "created one or multiple EscrowCert registry keys in the client computer registry"

    Needless to say that has no bearing on a home user saving a word/excel file with a password. When that file is saved that way, the document is saved in an encrypted format using 128bit AES encryption and unless you know the key (or can guess it, or can brute force attack it successfully) then you have no access to that file.

    So, the simplest way to save your data is to save in a password protected Excel (or Word) file, using a recent version of MS Office, and make sure 1. the password is not trivial and 2. the people you trust know it.

    Regarding password - longer is of course better but remember a word counts as one letter if someone is doing a dictionary attack eg the password 'cabbagesfrequentlyinhabitallotments' is in fact a 4 character password and a dictionary attack will break it in seconds.

    Better to use eg the first letters of a song or poem you know eg the password 'gsogqllonqgstq' (god save our...) but don't choose that one it's too common!
  • Right let's just settle it between you guys because both sides are claiming to be right and i've no idea who is and isn't. So on that note...

    Those saying the password can't be cracked ... go ahead & create a file, leave a message for Andy in your document & secure it as you wish with encryption and passwords.

    Then upload it for Andy.

    If it can be cracked as easily as he says then he'll post up what your message in the document was and he was right. If he can't then you were right & the debate can end.

    How about it? :)
  • benjus
    benjus Posts: 5,433 Forumite
    Part of the Furniture 1,000 Posts
    Right let's just settle it between you guys because both sides are claiming to be right and i've no idea who is and isn't. So on that note...

    Those saying the password can't be cracked ... go ahead & create a file, leave a message for Andy in your document & secure it as you wish with encryption and passwords.

    Then upload it for Andy.

    If it can be cracked as easily as he says then he'll post up what your message in the document was and he was right. If he can't then you were right & the debate can end.

    How about it? :)

    Seems fair.

    Here goes: https://we.tl/dBDaIimwpo
    Let's settle this like gentlemen: armed with heavy sticks
    On a rotating plate, with spikes like Flash Gordon
    And you're Peter Duncan; I gave you fair warning
  • benjus wrote: »
    Seems fair.

    Here goes: https://we.tl/dBDaIimwpo
    I do hope your message was family friendly (in case he does crack it) :rotfl:
  • mt99
    mt99 Posts: 472 Forumite
    I don;'t understand why there is such confusion. A simple google of 'excel aes encryption' for example will find lots of info.

    eg https://technet.microsoft.com/en-us/library/cc179125%28v=office.16%29.aspx?f=255&MSPPError=-2147217396

    Office uses the Windows encryption system to encrypt the saved file. "When Office uses CryptoAPI, the encryption algorithms depend on those that are available in a Crypto Service Provider (CSP), which is part of the Windows operating system. The following registry key contains a list of CSPs that are installed on a computer:

    HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Cryptography/Defaults/Provider

    "Although there are Office 2016 settings to change how encryption is performed, when you encrypt Open XML Format files (.docx, .xslx, .pptx, and so on) the default values — AES (Advanced Encryption Standard), 256-bit key length, SHA1, and CBC (cipher block chaining) — provide strong encryption and should be fine for most organizations. AES encryption is the strongest industry-standard algorithm that is available and was selected by the National Security Agency (NSA) to be used as the standard for the United States Government."

    The weakest point is definately the password.

    PS good luck decrypting the sample document kindly provided by benjus
  • mt99
    mt99 Posts: 472 Forumite
    PS although I have not specifically pointed it out, you need to save your eg document as .docx and NOT .doc!
  • mt99 wrote: »
    I don;'t understand why there is such confusion.
    Because this is the internet - the place where everyone has their opinions and nobody will ever back down and accept that it's possible they are wrong. You could take a debate in 'real life' where two people will listen to each other and you could have the same debate online and it's often a me-me-me i'm right you're wrong and that's the end of it debate. That computer screen seems to change people.

    It's like going asking questions in the employment forum of this board. Ask 'in real life' and you can have a friendly discussion. Ask in there & out come the accusations, they'll tell you what you were getting at, the attitude you were asking with & basically make a whole stack of false nonsense up about you.

    Just my opinion of course but i find that computer screens and internet do strange things to some people.

    Not saying anyone here is or isn't suffering from that condition, it's just my opinion of life on message boards :)
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 351K Banking & Borrowing
  • 253.1K Reduce Debt & Boost Income
  • 453.6K Spending & Discounts
  • 244.1K Work, Benefits & Business
  • 599K Mortgages, Homes & Bills
  • 177K Life & Family
  • 257.4K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.