How safe is encryption actually?

JustAnotherSaver

k_man said:

JustAnotherSaver said:

But literally the only way I could forget the password to this is if I took a bump to the head & had severe memory loss. I have 4 variations of this 1 password. If I don't get it with the first attempt then it will be got in 1 of the other 3, no question.

This comment suggests you reuse the same password (or 1 of 4 variants) for different things.
If so, then any encryption, or security reliant on these passwords, is not safe (passwords get leaked and compromised).

You'd be correct. 

Overall it is something I'll be getting round to changing. 

Now I know that sentence right there gives the finger pointers an excuse to have another dig but whatever makes them sleep easy at night. 

I agree with you for most things that basically it needs to be like the P/W tallmansix mentioned. But I would disagree about a drive in my possession. If I have say an encrypted portable drive then I would disagree that having a password I've used before is basically handing my next door neighbour the key to it. I'd say the chances are very very slim that way. 

Anyway, bringing it back to my very straight question about that cable. 

Hopefully we're not all politicians here, so who's in the know? 

GDB2222

I have one password that has been thoroughly compromised. I use it for all sorts of low risk activities, such as logging on to forums such as this. For anything important, I have unique and strong passwords.

HTH

k_man

Agreed, for a physical drive the risk is lower, but this started with a reference to cloud.
Just don't tell us you rotate the same passwords online... otherwise I think I know what one of your future threads will be 😉.

But cables... Cat 6 is fine.
Many of the world's local networks run on Cat 5

JustAnotherSaver

k_man said:

But cables... Cat 6 is fine.

I'm afraid that wasn't the question.

Maybe the question got lost with the politicians & overthinking?

Ergates

JustAnotherSaver said:

k_man said:

But cables... Cat 6 is fine.

I'm afraid that wasn't the question.

Maybe the question got lost with the politicians & overthinking?

IF the specific question was "Is this CAT6 or CAT6A", then it's CAT6 

Ergates

JustAnotherSaver said:

Why would one of these containers become corrupt? I'm going to assume that one possible reason could potentially be nothing more than 'just because'?

Just because basically.  It's very unlikely whilst stored on a drive, but can happen (very rarelly) whilst being transmitted over a network (e.g. a network glitch means you lose some packages).   Encrypted files *can* be a bit more susceptible as if it gets damaged enough then it becomes impossible to unencrypt.   

JustAnotherSaver said:

To back up an encrypted container is it the same? Do you simply drag & drop and it retains all its encryption plus contents - so you open the newly created file, input your password and voila? 
Or do you need to mount it, create an encrypted file in the new drive & copy over to that?

Depends on the software etc, but generally an encrypted container is just a file that you can drag and drop like any other - in the same way that a box of eggs is just an object that you can move about.

JustAnotherSaver

JustAnotherSaver said:

Now I'm going to guess since it says Cat6 then it's Cat6 and not Cat6A (unless Cat6A cabled don't mention the A, which would be a bit daft).

Can anyone confirm based on the markings on that cable whether it's 100% Cat6 as I suspect or whether it's Cat6A?

Ergates said:

IF the specific question was "Is this CAT6 or CAT6A", then it's CAT6 

I thought the question pretty clear but I guess not.

Thanks for the answer & confirmation though.

Imagine if this was a coffee shop...

Do you do a cappuccino here?

We do a latte, a mocha, a cortado, a flat white........................

Yeah I just want to know if you do a cappuccino.

Well IF you had asked if we do cappuccino's, then the answer would be yes.

JustAnotherSaver

GDB2222 said:

I have one password that has been thoroughly compromised.

Anyway, now the cabling question has been answered, I can get on with asking about this...

How do you know it's been compromised? Have various accounts been hacked?

k_man said:

But cables... Cat 6 is fine.

And now it's been answered I can say that I was only asking to know for 100% what I'd put under the floorboards.

Anyone who thought I was going to change it wants their head read.

I need a new cable as I'm moving my PC that's all. I just wondered what it was.

Nothing more ... nothing less.

Ergates said:

JustAnotherSaver said:

Why would one of these containers become corrupt? I'm going to assume that one possible reason could potentially be nothing more than 'just because'?

Just because basically.  It's very unlikely whilst stored on a drive, but can happen (very rarelly) whilst being transmitted over a network (e.g. a network glitch means you lose some packages).   Encrypted files *can* be a bit more susceptible as if it gets damaged enough then it becomes impossible to unencrypt.   

JustAnotherSaver said:

To back up an encrypted container is it the same? Do you simply drag & drop and it retains all its encryption plus contents - so you open the newly created file, input your password and voila? 
Or do you need to mount it, create an encrypted file in the new drive & copy over to that?

Depends on the software etc, but generally an encrypted container is just a file that you can drag and drop like any other - in the same way that a box of eggs is just an object that you can move about.

Thanks. That helps

k_man

JustAnotherSaver said:

GDB2222 said:

I have one password that has been thoroughly compromised.

Anyway, now the cabling question has been answered, I can get on with asking about this...

How do you know it's been compromised? Have various accounts been hacked?

A good starting point to see if any accounts using your email address/username have been compromised:

https://haveibeenpwned.com/

If there are any results, there is significant risk that the associated password used on that system has also been compromised.

You can also check if a specific password is in a compromise list here:
https://haveibeenpwned.com/Passwords

Note: this does involve sending a hashed version of your password  to the site (ETA: you don't have to hash the password yourself, this was just highlighting that you are sending your password to the site, albeit not in plain text)

Many password managers can do both these checks automatically for you.


Finally, not showing in these lists doesn't mean you credentials aren't leaked, just that they are not in the public lists (yet).

JustAnotherSaver

k_man said:

JustAnotherSaver said:

GDB2222 said:

I have one password that has been thoroughly compromised.

Anyway, now the cabling question has been answered, I can get on with asking about this...

How do you know it's been compromised? Have various accounts been hacked?

A good starting point to see if any accounts using your email address/username have been compromised:

https://haveibeenpwned.com/

If there are any results, there is significant risk that the associated password used on that system has also been compromised.

You can also check if a specific password is in a compromise list here:
https://haveibeenpwned.com/Passwords

Note: this does involve sending a hashed version of your password  to the site (ETA: you don't have to hash the password yourself, this was just highlighting that you are sending your password to the site, albeit not in plain text)

Many password managers can do both these checks automatically for you.


Finally, not showing in these lists doesn't mean you credentials aren't leaked, just that they are not in the public lists (yet).

Interesting.

One of my email addresses has been in 7 data breaches, but the one I use for 'official' stuff hasn't been in any.

A typical password I'll use has been 'seen' 4 times, however a variation of it hasn't been seen at all.

Thing is - what does this actually MEAN? In normal-talk.

It's been compromised - so what?

It's been in a data breach - so what?

Password has been 'seen' - well by who, and how, and regardless, so what?

If my details had been got at then surely they would've accessed my stuff, yet they haven't. Or they have but never did anything & I never got any alerts to say my account had suddenly been accessed from halfway across the world.

So things are riskier but what does THAT mean? Someone has all my details & they're just waiting for the right day to use them?

And how has my keyboard smash, not even a proper word password been 'seen'? Tracker files on my PC?