Home Advice & How-ToGuides Up Your Security Game by Learning to Encrypt Files
Home Advice & How-ToGuides Up Your Security Game by Learning to Encrypt Files

Up Your Security Game by Learning to Encrypt Files

by Fred Decker

One recurring theme that crops up in a number of fairy tales is “fairy gold”: A human is paid for his services in gold, or perhaps thinks he has stolen a life-changing fortune in gold from the land of the fairies, only to find that in the morning — or when it’s handled by humans — it disappears, or changes to something worthless. 

For identity thieves, your personal identification is the pot of gold at the end of the proverbial rainbow.  Encrypting your files makes them the “fairy gold” of identity theft by changing them into unreadable gibberish.  Learning how to encrypt files is relatively straightforward, and it provides a valuable measure of protection against scammers and fraud artists. 

What is Encryption?

When you were a kid, did you play around with secret codes?  They were popular enough at one point that “secret decoder rings” — a common promotional gimmick — became a catchphrase.  The idea is pretty simple: You take the original plain-text message, rearrange the letters according to a system that only you and the recipient of the message know, and send it.  Casual snoops won’t (in theory) be able to read it, though that depends on how well you’ve set up your code. 

Spokeo logo

Who's Calling Me?

Search any phone number to learn more about the owner!

Those plain ol’ paper coding systems, or ciphers, can be surprisingly secure.  The best version uses what’s called a “one-time pad,” a list of random numbers that’s given to both the sender and receiver.  Each character of the original message is converted to a number, then each character in turn has a number from the one-time pad added to it (they’re in sequence; if your message has 25 characters you’ll only use the first 25 numbers).  Only someone with the same page of the same pad can decrypt the message, and they’re destroyed after a single use.  These were, and still occasionally are, used by for-real spies for secure messaging. 

Encryption on your modern devices uses the same basic principle: Your files are translated through an encryption key (the digital equivalent of a one-time pad) and only authorized users who have the key can decrypt the messages.  There are lots of current and former encryption standards for computers, if you really want to geek out on them, but it’s not necessary.  All you really need to know is that current devices and OSs use current encryption standards, and that they’re very good indeed. 

What You Should Be Encrypting

If you regularly travel away from home for business or pleasure, you likely have a list of valuables you attend to before you leave: things that get hidden, things that get locked up or put in storage for safekeeping.  You need to think of the contents of your computer or phone in the same way.  What are the most valuable or sensitive pieces of information on your devices, the ones that could cause you the most harm if they fall into the wrong hands? 

Anything relating to your finances should be at the top of the list, and so should any legal documents.  Those are rich in the kind of information identity thieves thrive on.  You might not think of photos, but they’re important as well: Identity thieves can use those to create fake identification in your name, or set up fake social media or dating app accounts for phishing purposes.  If any of your photos are somewhat risque, scammers might blackmail you with the threat of releasing them.  Your passwords, usernames and other login credentials are especially sensitive, because with those attackers can gain access to your accounts. 

Anything work-related is important as well, especially if your devices contain your clients’ (or your suppliers’) information.  Your company may already have measures in place, so you’ll need to speak with your company’s security or IT people about that. 

How to Encrypt Files

There are a couple of ways to encrypt files.  One is to simply identify any files that are especially sensitive, and encrypt them individually.  That’s often done directly through the app or program itself.  In MS Word, for example, you’d open the File menu, choose Info and then Protect Document, and then “Encrypt with Password.”  Enter a password of up to 15 characters, and you’re done. 

A second option encrypts your actual drive, in whole or in part, creating the digital equivalent of a safe with a combination lock.  Files you choose to encrypt are saved to that “vault” by your OS (OSX’s FileVault or Windows’ BitLocker, for example) or by third-party apps.  If you opt to encrypt the whole device or drive, everything is encrypted.  Alternatively (in some apps or OSs), you can create a separate folder, which looks and acts like a USB thumb drive or a small second hard drive, and save chosen files to it. 

In each case, you choose a password or some other form of “key” in order to decrypt the files.  If you forget or lose that key, you’ll lose access to all of the files and data you’ve encrypted.  On the other hand, if someone learns or guesses your password, they’ll have gained access to all of your files.  The bottom line?  Your password is really, really important. 

Securing Your Encrypted Files

Keeping your encrypted files secure requires two things: a password that’s really strong (and therefore difficult to break), and one you can absolutely, positively, for-sure remember.  Unfortunately, as a rule, the better your password the harder it is to remember. 

There are plenty of guides to creating strong but memorable passwords, so find a method that works for you and create one.  Of course, if you use multiple devices you’ll need multiple passwords, so the best option might be to invest in a cross-platform password management app (there are lots of good ones).  Then you’ll only need to remember the password that locks your password manager, and from there you can just look up the rest.  As a bonus, it’ll also remember everything from the combination on your gym locker to your online passwords, so you can finally develop that good habit of using a different password for every site.

You can also strengthen your security by using a second method to verify that it’s really you.  You’ll be familiar with this method, thanks to sites and apps that require you to enter a texted code in order to gain access.  That’s called multi-factor authentication (MFA) or two-factor authentication (2FA).  Text messages aren’t necessarily the best way to go, mind you.  Most devices offer some form of biometric authorization, in the form of a fingerprint reader or facial recognition, and that’s more secure.  You can also use a hardware key, which must be tapped or inserted in order to gain access. 

How Does Encrypting Files Protect You? 

Scammers can gain access to your devices and data in a truly staggering number of ways, from eavesdropping on the public wi-fi at your local coffee shop, to phishing attacks that trick you into installing malicious software, to physically stealing your phone in the few seconds when you have your back turned. 

Any attack is only successful when criminals have your data.  By encrypting the files containing your data, you’ve made sure that simply gaining access to your data doesn’t give them your data.  It’s like giving them canned goods, but no can opener.  It’s not that encryption can’t sometimes be defeated (just as you can open a can with a rock if you need to), but it takes a lot of time and some sophisticated tools and skills, which most scammers don’t have.  

Fight Identity Theft with Spokeo Protect

Encryption on its own isn’t a magic bullet.  Scammers can still find your data through a variety of other means, so you’ll still need to understand the signs of identity theft and know what to do about it.  Spokeo Protect, the new identity protection solution offered by Spokeo, can act as your first line of defense. It helps users safeguard their credit, financial accounts, social security number, medical insurance and much more.