I decided to change my 2FA from Authy to 1Password (I get the pros and cons of having 1P do both but I feel ok after spending way too long reading up on it).
This, however, led me down a rabbit trail of updating weak passwords at various sites, enabling 2FA,
THEN - I got to fretting about whether I should have an extra layer of protection (encryption? password protection?) for a few of my cloud-based files (e.g., tax info, for a time my 1Password emergency kit, etc.). These are all in Dropbox or Google Drive, which THEMSELVES are protected by 2FA, but I just wondered should I get a life – or should I worry further still about FURTHER protecting these?
I was all set to install and try out Boxcryptor, but saw that they just sold to Dropbox and are not allowing new accounts (neither is the functionality apparently available in Dropbox yet). I did simple pdf password protection of all my tax files within Dropbox, but just wonder if enough is enough or I should sensibly be doing anything else?
VeraCrypt is precisely what you want and works much better than a disk image. It is also cross-platform. You can create an encrypted container and mount it with the key. It uses extremely strong encryption.
A life is a wonderful thing, I highly recommend it.
I keep my tax records, etc. in 1PW and in encrypted dmgs on my laptop. I keep just about everything else in my Google Workspace account. My GW files sync to my laptop and everything is backed up locally and to Backblaze B2 via Arq. (I also keep a hard copy of my 1PW emergency kit around because one day I’m not going to boot up.)
Privacy and security is important. But those terms are especially important to marketing departments who are trying to sell you something. Seven years of tax and bank records, digital copies of my birth certificate, passport, drivers, & pilot licenses, etc and everything else that I consider sensitive could fit on a thumb drive. It doesn’t take much to store and protect them.
My medical records are all online. I can access billing, test results, medications, etc. though an app. Information like my name, address, birthdate, place of employment, etc. is public knowledge. Regular email isn’t private, the best we can do is protect our account so others cannot use it. And I don’t worry about anything that I know is available on a commercial background or credit report.
IMO, we should protect the few things that can be protected and use reasonable caution with everything else.