Many people, like myself, keep most passwords in a text file on their computer. We are often warned not to do that because a computer criminal can find this info and abuse it. How does that work? How can they find the info in a text file? Do they use a 'robot' to search through all the text files, or is it a physical person?

KR, Leo

It depends on how and where they are saved. If you save them on your desktop in a file called passwords, that is probably not as safe as storing them in an encrypted file with a generic file name. The passwords are more likely to be stolen as you use them.

In general it's safer to write passwords on paper in a locked safe rather than store them digitally. Most cyber-crooks aren't physically there, so whilst they might read a text file they would almost certainly never see the written text. For really important passwords (bank, main email account) the password should be remembered and never written/typed anywhere except in the necessary login page; if you need a reminder, don't store the password, store a written hard copy hint.

Well, here is a scenario:

A computer criminal has access to your computer and wants to read the content of a password-protected ZIP file. He doesn't have the password, but you have stored the password somewhere on the disk in a text file.

He then will run a program that will index all your files: this program creates a list of all the words (a dictionary) it finds in files on your computer.

Then he uses this dictionary with a password cracker to perform a dictionary attack against the ZIP file.

The password cracker will quickly decrypt the password-protected ZIP file because the password will be in the dictionary.
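To check your own machine for the exposure described in this scenario, the following added example (not code from anyone in this thread) reports which plaintext files under a directory contain a given password as a standalone word, which is what would put it into such a dictionary. The function names, the separator set, the size limit and the sample files are assumptions made for the illustration.

```python
import os
import re
import tempfile

MAX_BYTES = 1_000_000  # assumed limit: password notes are small files
SPLIT = re.compile(r"[\s:=,;\"']+")  # assumed separators around a stored password

def tokens(text):
    """Words an indexer would collect: whitespace tokens plus delimiter-split tokens."""
    return set(text.split()) | set(SPLIT.split(text))

def files_exposing(secret, root):
    """Return paths under root whose plaintext contains secret as a standalone word."""
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            try:
                if os.path.getsize(path) > MAX_BYTES:
                    continue
                with open(path, "rb") as fh:
                    raw = fh.read()
            except OSError:
                continue  # unreadable file: nothing to report
            if b"\x00" in raw:
                continue  # contains NUL bytes: treated as binary, not a text note
            if secret in tokens(raw.decode("utf-8", errors="replace")):
                hits.append(path)
    return sorted(hits)

def demo():
    """Constructed sample: one note holding the archive password, two files that do not count."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "notes.txt": b"backup zip password: Tr1cky-Zebra!\n",
            "todo.txt": b"buy milk, call bank\n",
            "blob.bin": b"\x00\x01Tr1cky-Zebra!\x00",
        }
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return [os.path.basename(p) for p in files_exposing("Tr1cky-Zebra!", root)]

if __name__ == "__main__":
    print(demo())
```

Any file it reports is a reason to move that password into an encrypted store and change it.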