Flash drives, files and codes: how to manage a world of passwords

Creating a USB stick with protected files, but also choosing the right password and how to securely store all the codes used every day

Portable mass storage devices that connect to computers via the USB port are universally known as "USB sticks" and are now the most practical and widespread way of physically moving files from one computer to another. After the era of uncomfortable and inefficient floppy disks and then CDs, the most practical way to carry around files of all types and sizes is a stick so small that it is now kept in a purse.

Its practicality is also its Achilles heel: just as losing a laptop can pose a serious risk to secrecy, a flash drive, which by now has the capacity of a small hard disk, can be a great danger to the confidentiality of data if it is lost.

Encrypt files

The most practical defence against this risk is to encrypt the information stored on the stick, making it readable only to those who have the decryption password. Whoever finds a stick encrypted in this way will be holding an object full of documents that are, for them, unreadable.

There are essentially two practical ways to protect a stick: you can encrypt all (or part) of the stick, or you can set a password on each single file you want to protect. The first method is safer, but the second allows easier exchange of data while keeping confidential the things you do not want a temporary user of the stick to see.

Some programs allow you to protect the files they create with a password: it is thus possible to protect Word, Excel and PDF files. Unfortunately it is a very insecure method. There are various tricks to unlock files protected this way, and a quick Google search even turns up sites that let you upload the encrypted file and return it perfectly unlocked.

The programs

The reference program is VeraCrypt, which is free and available for Windows, Mac and Linux. The program allows you to create and format an encrypted volume, first deleting all the contents of the stick, or to encrypt what is already present on the device. This second option is slower and less secure, but should be chosen when you cannot save the files somewhere else before encrypting the stick. To open a flash drive encrypted this way you need to install VeraCrypt on the PC, and this is the downside of the program: the stick cannot be opened on PCs where programs cannot be installed or where there is no connection to download VeraCrypt.

Rohos Mini Drive solves this problem instead, because the program runs directly from the stick and nothing else is needed. The free edition of the program can create a hidden and encrypted partition of up to 8GB, and uses the AES 256-bit encryption algorithm, which is extremely secure against attacks. Thanks to the software carried on the stick, it is the ideal solution for those who want a stick that can be used anywhere with the files on it always safe.

Secur Stick is very similar: it creates a "safe zone" on the USB stick and does not require installation on the computer. Just launch the program, create a password and a secure area will be created on the stick. All files placed inside this secure area will be encrypted.

Finally, there is a less secure but very practical solution, since it uses very popular software that is practically always present on computers: the so-called "zippers", such as WinZip or WinRAR, programs that allow you to compress files and group them into a single package.
Since they can compress files with a password, it is very easy to create a package of files, or even a single file, protected by a password: afterwards it will not be possible to extract the file or package without entering the password. For these popular archiving programs too there are various online cracking services, which analyze the file by trying millions of password combinations until they find the right one. Here, however, we enter a broader discussion on password management, which we address below. Still, zippers are good for quickly encrypting many files on the stick in one go.

Passwords, cracking sites, password managers: let's try to clarify things a bit

We don't want to open a long, boring and complicated discussion on passwords, how to manage them, how to choose them and how to keep them, but it is possible to give some quick advice on how to organize the world of codes, passwords and keywords that we are all inevitably required to manage, from the ATM code up to the codes of heavily used sites such as those of the Public Administration (INPS, Agenzia delle Entrate, etc.).

The world of passwords is divided into two: the codes that are assigned to us by third parties (the bank, the credit card, the INPS site, etc.) and the passwords that we can choose for sites and applications such as those described above for encrypting USB sticks.

For the codes that are assigned to us ex officio and that we cannot change at will, there is little to do: they must be stored somewhere, otherwise a long and annoying password recovery operation will follow.

Some sites force the user to change the code every X days and force him to choose combinations of numbers and letters that are difficult to memorize, so it is even more necessary to find a place to write the codes.

How to choose a password and where to store it

As with the ATM code, which must be kept confidential, the rule is never to write any code "in the clear" (i.e. visible to everyone) anywhere, least of all on the devices we carry around (or on the ATM card itself). A safe way to keep these codes is to write them in an address book or on a mobile phone, but changing some of the data. For example, if you need to keep the numeric code of the ATM, just write it with some digits swapped, always the same ones. Or add a mnemonic number that is easy to remember, such as your house number. In this way it will not be necessary to remember the entire original code, but only how it was altered: for example, just remember that the ATM code is the one written in the mobile phone diary, from which your house number must be subtracted; the house number in this case represents the encryption "key".

It's a quick and easy way to manage the sea of passwords that we all have: just invent a mental "algorithm" to apply to the code you need to keep, and write the altered password in clear text. It's not a very secure system but it is secure enough to give the user time to change the code (ATM card or other) in case the telephone or address book ends up under the eye of some stranger.

For passwords chosen by the user, including those used by the programs above, the basic rule is: never use easy passwords. The various online cracking programs (or crackers) rely precisely on the simplicity of the chosen password, trying millions of passwords drawn from a dictionary or a database of words. The more complicated and longer the chosen password, the longer it will take the program to force it, often so long as to make searching for the password not worthwhile. This is why combinations are requested that use punctuation marks, capital and small letters together with alphabetic characters. A good system may be to choose passwords using foreign languages (not English), or to invent words that don't exist at all, or to write a meaningless sentence that cannot be present in a literature database from which the cracking program draws. So the security of a stick on which the data has been saved depends a lot on the care with which the encryption password has been chosen.
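To put rough numbers on the difference between a dictionary-based password and a long random one, here is an added example (not part of the original article). The wordlist is a constructed sample, and the guessing rate and dictionary-attack cost are assumptions chosen for illustration.

```python
import re

# Constructed sample wordlist; real cracking dictionaries hold millions of entries.
WORDLIST = {"password", "dragon", "monkey", "letmein", "juventus", "sunshine"}
# Undo common character substitutions (0 -> o, @ -> a, ...) before the lookup.
LEET = str.maketrans("013457@$!", "oleastasi")
GUESSES_PER_SECOND = 1e9   # assumption: offline guessing rate, varies by file format
DICTIONARY_GUESSES = 1e10  # assumption: 10 million words x 1000 mutations per word
SECONDS_PER_YEAR = 3600 * 24 * 365


def charset_size(password: str) -> int:
    """Size of the alphabet a brute-force search must cover for this password."""
    size = 0
    if re.search(r"[a-z]", password):
        size += 26
    if re.search(r"[A-Z]", password):
        size += 26
    if re.search(r"[0-9]", password):
        size += 10
    if re.search(r"[^a-zA-Z0-9]", password):
        size += 33  # printable ASCII punctuation plus space
    return size


def is_dictionary_based(password: str) -> bool:
    """True if the password is a listed word plus trivial decoration."""
    core = re.sub(r"[^a-z]+$", "", password.lower())  # drop trailing digits/symbols
    return core.translate(LEET) in WORDLIST


def guesses_needed(password: str) -> float:
    """Worst-case guesses: dictionary cost if word-based, else the full search space."""
    brute = float(charset_size(password)) ** len(password)
    if is_dictionary_based(password):
        return min(brute, DICTIONARY_GUESSES)
    return brute


def years_to_exhaust(password: str) -> float:
    """Time to try every candidate at the assumed guessing rate."""
    return guesses_needed(password) / GUESSES_PER_SECOND / SECONDS_PER_YEAR


if __name__ == "__main__":
    for pw in ("P@ssw0rd!", "Dragon2023", "qzjxvkwp", "vK7#qLm2!xRt9"):
        print(f"{pw:15} {guesses_needed(pw):.2e} guesses, {years_to_exhaust(pw):.2e} years")
```

For anything the small sample wordlist misses, the brute-force figure is an upper bound: a real dictionary would catch many more word-based passwords.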

Once the password has been chosen, perhaps by inventing it, we are back to the problem above: how and where to keep it?

You can use the method of creating a mental algorithm, writing it down in clear text after encoding it, or you can write only a part of it in the diary, forcing yourself to remember the rest.

Password storage apps

Finally, there is a safe method to manage all your codes: use a password manager, i.e. an app that allows you to organize all your passwords. These are apps that look like diaries, with the name of the site or service and the corresponding access password written in clear text next to it. The app contains all the passwords in use and, of course, needs a password of its own to be opened: the advantage in this case is that you only need to remember one password to see all the others.

The data held by the password manager is always written in encrypted form, so even if the phone is stolen or the app with all the data ends up in unwanted hands, without the password it is impossible to open the code box. Often these apps have a cloud backup system, naturally encrypted: if you change or lose the phone, the data file will automatically be restored from the cloud (usually one of the free ones from Microsoft or Google).

The password manager can also be used to write down credit card numbers or personal documents, the combination of the garage or anything you want to keep confidential: it is therefore an alternative to the encrypted stick, and a very secure one provided you have chosen the program password well (see above).

Password Saver for Android is a simple, very secure app that stores any type of code and backs up the data to the cloud if necessary. It is very simple to use, but it does not have a web interface and is therefore a bit awkward the first time; it is light, does not require connections except for backup and restore, and is free.

LastPass is perhaps the most famous password manager. It integrates with the browsers used to surf the internet, is compatible with Android, iOS and Windows Phone, and allows access from a web interface. It has a free basic version, but the paid one allows for cloud backup and advanced authentication systems such as fingerprints from a special reader on the PC.