With recent news about a possible security breach for a cloud-based secure information manager and discussions like this one at various sites around the web, we wanted to say a few things about eWallet GO!™ With eWallet GO! we’ve developed a solution that gives you the convenience of cloud-based storage and sharing while significantly reducing the risk!
When you back up your information to Dropbox or Google Docs from eWallet GO! you’re backing up a fully encrypted file. This file features the power of 256-bit AES encryption. Even if someone managed to get this backup file, as long as you’ve chosen a strong password, it is effectively impossible for them to access your personal information stored in eWallet GO! And when we decrypt your data so you can view it, it all happens locally – we never, EVER send your password over the internet.
But how safe is safe?
But what does this “256-bit” stuff mean? In a great article on Wikipedia about what it would take to hack a file using 256-bit AES encryption, they offer the following:
A device that could check a billion billion (10^18) AES keys per second (if such a device could ever be made) would in theory require about 3×10^51 years to exhaust the 256-bit key space.
In other words, a really good password using 256-bit AES encryption is effectively unhackable by anything outside of science fiction. Humans will have constructed a Dyson Sphere around the sun and shed our mortal forms by the time someone can get to your data.
Good Passwords Required!
There is a caveat – the security is only as good as the password. First, we all know choosing a password another person could guess is a bad idea. We also know that we should never leave the password where someone else could find it, and we know that we should never pick a word that appears in the dictionary. We hear this advice time and again from security experts, and it’s true!
But what about a “brute force” attack, where a hacker uses a computer to guess the password by trying different combinations of letters, numbers, and symbols? In this case, the longer the password, the harder it becomes to crack. How hard? Let me give you a couple of examples:
An 8-character password using all lowercase letters would take, in theory, around 3-6 years to hack with brute force.
An 8-character password using a combination of lowercase, uppercase, numbers, and symbols would take, in theory, around 4000-8000 years to hack with brute force.
That’s right – if your password is f8#$mGQ! it could take 4-8 THOUSAND years to figure it out using an off-the-shelf computer and the appropriate software.
And here’s the best part – length benefits are exponential! Add one more character – and now it might take 250-500 THOUSAND YEARS to hack your password.
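The arithmetic behind these estimates, as an added example that is not part of the original post or of eWallet GO! It assumes the "3-6 years" range means average to worst-case search time and that the mixed alphabet has 64 symbols; both assumptions, and the guess rate derived from them, are inferred from the figures above rather than stated by the post.

```python
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def years_to_search(alphabet_size, length, guesses_per_second):
    """Return (average, worst-case) years to brute-force the whole space."""
    keyspace = alphabet_size ** length
    worst = keyspace / guesses_per_second / SECONDS_PER_YEAR
    return worst / 2, worst


def implied_rate(alphabet_size, length, worst_case_years):
    """Guess rate (per second) that exhausts the space in worst_case_years."""
    return alphabet_size ** length / (worst_case_years * SECONDS_PER_YEAR)


def min_length(alphabet_size, guesses_per_second, target_years):
    """Shortest length whose average search time reaches target_years."""
    length = 1
    while years_to_search(alphabet_size, length, guesses_per_second)[0] < target_years:
        length += 1
    return length


# Assumption: 8 lowercase letters are exhausted in 6 years ("3-6 years" above).
RATE = implied_rate(26, 8, 6)
# Assumption: alphabet size that reproduces the post's mixed-character figures.
MIXED = 64

if __name__ == "__main__":
    print(f"implied rate: {RATE:,.0f} guesses/second")
    for length in (8, 9, 10, 12):
        avg, worst = years_to_search(MIXED, length, RATE)
        print(f"{length} mixed chars: {avg:,.0f} to {worst:,.0f} years")
    # The quoted AES figure: 2^256 keys checked at 10^18 keys per second.
    print(f"AES-256 key space: {years_to_search(2, 256, 1e18)[1]:.2e} years")
    print("length for 1,000,000 years on average:", min_length(MIXED, RATE, 1e6))
```

Every estimate scales inversely with the guess rate, so an attacker who guesses a thousand times faster cuts each figure by a factor of a thousand.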
At the end of the day, you don’t have to sacrifice convenience for security. With eWallet GO! you get all the benefits of cloud-based storage and sharing while significantly reducing the risk.
Need help building a strong password? Visit www.passbuilder.com to generate super-strong passwords!