I decided to change my 2FA from Authy to 1Password (I get the pros and cons of having 1P do both but I feel ok after spending way too long reading up on it).
This, however, led me down a rabbit trail of updating weak passwords at various sites, enabling 2FA,
etc.
THEN - I got to fretting about whether I should have an extra layer of protection (encryption? password protection?) for a few of my cloud-based files (e.g., tax info, for a time my 1Password emergency kit, etc.). These are all in Dropbox or Google Drive, which THEMSELVES are protected by 2FA, but I just wondered should I get a life – or should I worry further still about FURTHER protecting these?
I was all set to install and try out Boxcryptor, but saw that they just sold to Dropbox and are not allowing new accounts (neither is the functionality apparently available in Dropbox yet). I did simple pdf password protection of all my tax files within Dropbox, but just wonder if enough is enough or I should sensibly be doing anything else?
if you have a NAS, you can move your cloud files (encrypted) to you NAS folders, then backup to Google Drive or OneDrive, etc using user defined passphrase for encryption.
I think there may be other neater solutions that others can offer, but this is one that I can come up for now
I prefer to keep sensitive data in dmg files encrypted with a long randomly generated password. And I keep an extra copy of things like tax returns in 1PW.
geez I confess I don’t know what that means exactly or how do do it. Is that using Disk Utility to convert a file or folder to a .dmg file? And then I can add a password?
VeraCrypt is precisely what you want and works much better than a disk image. It is also cross-platform. You can create an encrypted container and mount it with the key. It uses extremely strong encryption.
In the U.S. “There are three levels of security clearance : confidential, secret, and top secret.”
“(6) The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and
256) are sufficient to protect classified information up to the SECRET level.”
IMO, that should be good enough for my tax records.
A life is a wonderful thing, I highly recommend it.
I keep my tax records, etc. in 1PW and in encrypted dmgs on my laptop. I keep just about everything else in my Google Workspace account. My GW files sync to my laptop and everything is backed up locally and to Backblaze B2 via Arq. (I also keep a hard copy of my 1PW emergency kit around because one day I’m not going to boot up.)
Privacy and security is important. But those terms are especially important to marketing departments who are trying to sell you something. Seven years of tax and bank records, digital copies of my birth certificate, passport, drivers, & pilot licenses, etc and everything else that I consider sensitive could fit on a thumb drive. It doesn’t take much to store and protect them.
My medical records are all online. I can access billing, test results, medications, etc. though an app. Information like my name, address, birthdate, place of employment, etc. is public knowledge. Regular email isn’t private, the best we can do is protect our account so others cannot use it. And I don’t worry about anything that I know is available on a commercial background or credit report.
IMO, we should protect the few things that can be protected and use reasonable caution with everything else.