Re: How secure are passworded PDFs

Subject: Re: How secure are passworded PDFs
From: Andrew Plato <gilliankitty -at- yahoo -dot- com>
To: "TECHWR-L" <techwr-l -at- lists -dot- raycomm -dot- com>
Date: Wed, 26 Feb 2003 13:02:05 -0800 (PST)


"John Posada" <> wrote

> Hi, guys...my boss is making sounds about having me be the caretaker of the
> password dictionary.

> So, if I was to make it an ebook and PW it, is it secure under normal
> conditions? (I accept that nothing is secure under abnormal conditions)

As others pointed out PDFs are very crackable. Also, files on your local PC are
never secured, unless you have something other than just plain old Windows
ACLs. Public folders on an Exchange server are better than nothing, but they
too can be hacked. And firewalls - don't count on them being secure.

I would recommend encrypting this file using PGP. Have the necessary developers
obtain PGP, generate a public key, and then encrypt the file using their public
keys. Then, only those people with the matching Private keys could decrypt it.
Thus, even if somebody stole a developer's Windows password, they would also
have to steal their private key. Two-factor authentication.

You can obtain a great, open source, PGP program for Windows called WinPT. Its
a little clumsy to learn, but once you get the basics down, it pretty easy.
Checkout winpt.org.

Andrew Plato


__________________________________________________
Do you Yahoo!?
Yahoo! Tax Center - forms, calculators, tips, more
http://taxes.yahoo.com/

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


LAST CHANCE for this steal of a deal! Purchase RoboHelp X3 by February 28
and receive $100 mail-in rebate and FREE WebHelp Merge Module ($339 value)!
RoboHelp, the Industry Standard in Help Authoring, has won over 55 industry
awards. For more information please visit: http://www.ehelp.com/techwr-l2.


"RoboHelp X3 is simply remarkable." - George Bell, Techno-Vision Systems


---
You are currently subscribed to techwr-l as:
archive -at- raycomm -dot- com
To unsubscribe send a blank email to leave-techwr-l-obscured -at- lists -dot- raycomm -dot- com
Send administrative questions to ejray -at- raycomm -dot- com -dot- Visit
http://www.raycomm.com/techwhirl/ for more resources and info.



Previous by Author: Re: Your opinion on Information Mapping...
Next by Author: Subject Matter Expertise-YES! Attack Iraq-NO!
Previous by Thread: Re: How secure are passworded PDFs
Next by Thread: RE: How secure are passworded PDFs


What this post helpful? Share it with friends and colleagues:


Sponsored Ads