Are you someone who keeps a text file on their Desktop with all there passwords in it? Do you write you account information and passwords on a sticky-note? I sure hope not! But if you do, consider encrypting that password file with high-grade encryption using reliable freeware.
I will review three free encryption applications; CCrypt, AxCrypt, and OpenSSL.
1. CCrypt
Pros: I admire it’s simplicity, how easy it is to pop open a terminal and run the command:
$ ccrypt -e file2encrypt.txt
$ Enter encryption key: {your password}
$ Enter encryption key: (repeat) {your password}
And you are left with an password encrypted AES file with the file extension CPT.
To decrypt run the command:
$ ccrypt -d file2encrypt.cpt
Before and After:
Cons: AES encryption using a passworde is only as strong as the password itself. The majority of attacks against the AES algorithm are brute-force and dictionary attacks. Therefore, I would recommend a password that is at least 12 characters long and contains, alphanumeric, symbols, etc. More information on password strengths vs brute-force attacks see here.
2. AxCrypt
Pros: great integration with Windows OS. Installable and context-menu integration, just right-click on a file and choose AxCrypt –> Encrypt. Check here for screenshots and usability. Uses AES encryption which is well known and documented. Has the ability to make a Key-File to be used with encryption/decryption. Conveniently Encrypt to exe(good and bad). Also, provided on their website is a portable Decrypt Only EXE. Allowing you to decrypt AxCrypt encrypted files without having to install the full application.
Screenshots:
Cons: Windows only specific, not cross compatible with other operating systems. (runs under wine great!). AES 128-bit only.
3. Openssl
Pros: Free open source software. Widely know suite of encryption algorithms. Multi-platform compatibility. Advanced users.
OpenSSL Commands for AES256 encryption using password:
openssl enc -aes-256-cbc -a -salt -in {file-to-encrypt} -out {encrypted-file-name}
enter aes-256-cbc encryption password: {your password}
Verifying - enter aes-256-cbc encryption password: {your password}
To decrypt:
openssl enc -d -aes-256-cbc -a -salt -in {encypted file} -out {unencrypted file}
Notes: -a is used to run the encryption through base64 encoding. Useful for sending the encrypted string over email and such. -d is used for decryption.
Screen captures:
Cons: Transferability. Meaning, if you don’t know what the original user encryption algorithm was then you won’t know which algorithm to use to decrypt.
Sources:
AES Wikipedia
CCrypt Web Site
OpenSSL Command-Line HOWTO
About AxCrypt
HowToUse AxCrypt
AxCrypt Screenshots provided by Softpedia
