Helping people with computers... one answer at a time.
Keeping information private on your computer is harder than you might think. Some obvious solutions aren't as secure as we might like.
I keep a daily journal in Microsoft Works on Windows XP. Is there a way to put a password on it, or lock it up somehow, so only I have access to it?
There are several approaches to keeping your private data private. Some good, some bad, and many in-between.
Let's look at the list, from least to most secure.
I'll start by suggesting that whatever you do, you regularly backup your uncompressed document in a safe and secure place. Many of these techniques have no recovery option should you lose your password, or should the file become corrupted for some reason. As with all things: backup early, backup often.
Many applications allow you to password protect their native files. I'm not sure about Works, to be honest, but programs like Word, Excel and others allow you to specify a password on the document that you must specify in order to open it. In Word, for example, you can set a password on your document in the Tools menu, Options dialog, Security tab.
The problem with built-in password support, is that it's typically not that robust. Historically application-provided security has been relatively easy to crack. I view it as the classic case of "keeping honest people honest", but not really a serious deterrent to a motivated hacker.
Many programs that create compressed archives also support password protection. Check programs that create ZIP and other types of compressed files for options relating to passwords. The approach here is to compress your document into, say, a password protected ZIP file, and only uncompress it when you want to view or modify it. Recompress it when you're done, remembering to delete the uncompressed version.
Sadly, most password protection in these compression utilities is also on a par with that in the applications themselves. A dedicated hacker with enough time and resources can probably get through the protection eventually.
The reason that applications and utilities above have less than industrial strength protection is simply that password protection is just a feature added on to an application that really exists for another purpose.
The next level up, of course, are utilities that are intended specifically for security.
My favorite for exactly the scenario you describe is a Windows utility called TrueCrypt. TrueCrypt allows you to create a highly encrypted file that appears as a virtual disk drive on your system. You can copy any files on to that "drive" and they are automatically encrypted. The file containing the virtual drive can be copied to any machine, but you must specify the password in order to mount the drive and view its contents.
TrueCrypt is ideal if you travel and need to carry sensitive data with you. I cover it in a little more detail in the article How can I keep data on my laptop secure?.
So far everything I've covered is password based, and therefore highly dependant on the password you choose. Choose a weak password and no technology can keep someone from guessing it.
Another approach is to use public key encryption. Using a utility such as GPG (Gnu Privacy Guard), you can create public and private keys, and encrypt your files with a public key such that they can only be decrypted by someone holding the matching private key. This is industrial strength encryption, but might perhaps be overkill for common use. It's one approach to encrypting email messages, for example, and I cover it in a little more detail in How do I send encrypted email?.
As you can see there are several approaches. If this is just a lightweight situation it's possible that application password support may be enough. In general, though, my recommendation for both security and convenience, remains TrueCrypt.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.