How secure is Google Drive for holding bank information?

pramsay13

I'm perfectly comfortable with all my sensitive data on google drive.
I think google will be one of the most careful to keep their data secure as any major breach would be catastrophic for their business.

benjus

AndyPix wrote: »

Double sigh .Please educate yourself

https://blogs.technet.microsoft.com/office_resource_kit/2013/01/23/now-you-can-reset-or-remove-a-password-from-a-word-excel-or-powerpoint-filewith-office-2013/

That tool requires access to the private key that was used to encrypt the document (i.e. it's designed for IT departments of large organizations to be able to remove password protection from documents encrypted within the company's systems). You can't just use it with any arbitrary document.

AndyPix

pramsay13 wrote: »

I'm perfectly comfortable with all my sensitive data on google drive.
I think google will be one of the most careful to keep their data secure as any major breach would be catastrophic for their business.

^^ This ..


And in reply to the OP, all this went slightly off topic and you are right, it is not something to worry about for the level of security required for your application

mt99

As stated above, that link is for when you have password protected document with a public/private key pair, and the admin needs to have previously "created one or multiple EscrowCert registry keys in the client computer registry"

Needless to say that has no bearing on a home user saving a word/excel file with a password. When that file is saved that way, the document is saved in an encrypted format using 128bit AES encryption and unless you know the key (or can guess it, or can brute force attack it successfully) then you have no access to that file.

So, the simplest way to save your data is to save in a password protected Excel (or Word) file, using a recent version of MS Office, and make sure 1. the password is not trivial and 2. the people you trust know it.

Regarding password - longer is of course better but remember a word counts as one letter if someone is doing a dictionary attack eg the password 'cabbagesfrequentlyinhabitallotments' is in fact a 4 character password and a dictionary attack will break it in seconds.

Better to use eg the first letters of a song or poem you know eg the password 'gsogqllonqgstq' (god save our...) but don't choose that one it's too common!

JustAnotherSaver

Right let's just settle it between you guys because both sides are claiming to be right and i've no idea who is and isn't. So on that note...

Those saying the password can't be cracked ... go ahead & create a file, leave a message for Andy in your document & secure it as you wish with encryption and passwords.

Then upload it for Andy.

If it can be cracked as easily as he says then he'll post up what your message in the document was and he was right. If he can't then you were right & the debate can end.

How about it?

benjus

JustAnotherSaver wrote: »

Right let's just settle it between you guys because both sides are claiming to be right and i've no idea who is and isn't. So on that note...

Those saying the password can't be cracked ... go ahead & create a file, leave a message for Andy in your document & secure it as you wish with encryption and passwords.

Then upload it for Andy.

If it can be cracked as easily as he says then he'll post up what your message in the document was and he was right. If he can't then you were right & the debate can end.

How about it?

Seems fair.

Here goes: https://we.tl/dBDaIimwpo

JustAnotherSaver

benjus wrote: »

Seems fair.

Here goes: https://we.tl/dBDaIimwpo

I do hope your message was family friendly (in case he does crack it) :rotfl:

mt99

I don;'t understand why there is such confusion. A simple google of 'excel aes encryption' for example will find lots of info.

eg https://technet.microsoft.com/en-us/library/cc179125%28v=office.16%29.aspx?f=255&MSPPError=-2147217396

Office uses the Windows encryption system to encrypt the saved file. "When Office uses CryptoAPI, the encryption algorithms depend on those that are available in a Crypto Service Provider (CSP), which is part of the Windows operating system. The following registry key contains a list of CSPs that are installed on a computer:

HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Cryptography/Defaults/Provider

"Although there are Office 2016 settings to change how encryption is performed, when you encrypt Open XML Format files (.docx, .xslx, .pptx, and so on) the default values — AES (Advanced Encryption Standard), 256-bit key length, SHA1, and CBC (cipher block chaining) — provide strong encryption and should be fine for most organizations. AES encryption is the strongest industry-standard algorithm that is available and was selected by the National Security Agency (NSA) to be used as the standard for the United States Government."

The weakest point is definately the password.

PS good luck decrypting the sample document kindly provided by benjus

mt99

PS although I have not specifically pointed it out, you need to save your eg document as .docx and NOT .doc!

JustAnotherSaver

mt99 wrote: »

I don;'t understand why there is such confusion.

Because this is the internet - the place where everyone has their opinions and nobody will ever back down and accept that it's possible they are wrong. You could take a debate in 'real life' where two people will listen to each other and you could have the same debate online and it's often a me-me-me i'm right you're wrong and that's the end of it debate. That computer screen seems to change people.

It's like going asking questions in the employment forum of this board. Ask 'in real life' and you can have a friendly discussion. Ask in there & out come the accusations, they'll tell you what you were getting at, the attitude you were asking with & basically make a whole stack of false nonsense up about you.

Just my opinion of course but i find that computer screens and internet do strange things to some people.

Not saying anyone here is or isn't suffering from that condition, it's just my opinion of life on message boards