How To Password Protect Files in Linux

The USP of Linux has always been the strong security and stability it offers. Per user/group permissions and ACLs (access control lists) take care of almost all the security needs of a home users as well as an enterprise customer. If there is a need for even more fine grained control, there are various flavors of Linux available that are specifically designed with industrial grade security in mind and certified by organisations such as the NSA.

If you’re a home user, though, all this doesn’t really matter to you. Sure, it helps to have seperate permissions for different users on the system, if you’re sharing your computer with, say, your sibling, but configuring ACLs for home a user is a little overkill, if you ask me.

If all you need is a way to password protect certain important files from the prying eyes of your siblings, kids or pesky neighbors, Linux doesn’t offer anything *out of the box*. Fear not, though, we have just the right tool for you.

Password Protect Files

mcrypt is a utility designed to encrypt/decrypt a file using standard encryption techniques. If you don’t have mcrypt installed, you can install it with the following command.

apt-get install mcrypt

To password protect a file execute the following command

mcrypt <filename>

The above command will output something like this.

khera@khera:~$ mcrypt test1
Enter the passphrase (maximum of 512 characters)
Please use a combination of upper and lower case letters and numbers.
Enter passphrase: Enter password here
Enter passphrase: Repeat password here

File test1 was encrypted.
khera@home:~$

By default, mcrypt creates a new encrypted file with the extension .nc added to the original filename and leaves the original file intact. If this is not what you want, and you’d rather not have any traces of the original file, use mcrypt with the “-u” option.

mcrypt -u <filename>

This will ask you for a password as usual and the only difference will be that when the command finishes executing, the original file, test1 in the above case, will be deleted.

Decrypting a Password Protected File

So, now you know how to password protect file but what about decrypting it.

Turns out mcrypt does that too. Just use mcrypt with the “-d” option and it will decrypt the file for you after confirming the password with you.

mcrypt -d <encrypted filename>

The output should look something like this

khera@khera:~$ mcrypt -d test1.nc
Enter passphrase: Enter password here
File test1.nc was decrypted.

Like, in the encryption phase, mcrypt doesn’t delete the original file by default and if that is what you want, use mcrypt with the -u switch.

mcrypt -u -d <encrypted filename>

This will decrypt the file and delete the original encrypted file leaving no traces of it on your computer.

How was that for an easy encryption/decryption utility?

Forget Passwords, Scan QR Codes to Login

Passwords play an important role in any internet user’s experience. After all, it is the most universal way to authenticate a user online. Wether you want to check your email, log-in to a social network, banking or any other website, chances are that you will have to set up an account and verify yourself every time you log into the site. In a study conducted by Microsoft it was found out that an average internet user has about 25 accounts online that require passwords. Internet gurus have always advised to use separate passwords for each account but if you adhere to that advice, it can become almost impossible to remember the correct password associated with each of our account.

Uniclau is a web based startup that can revolutionize the way users enter their password and it makes apt use of the device that is always with us – our mobile phone. The use of a cell phone to authenticate a user is certainly not new, and we had earlier reviewed the use of mobile phone to make your google account more secure.

With Uniclau you can do away with the hassle of remembering the username and password for any of your online account. To use the service, visit the Uniclau home page and install the uniclau extension for your browser and also the application for your iPhone or Android phone. Once that is taken care of, open the application from your phone. First time users will be prompted to set a pin and their email address which will have to be verified.

Installing the extension on your browser will display a QR Code next to the login field whenever you visit a website. All you need to do is scan this code from the uniclau application on your phone. For the first time for every website, you will have to enter the username and password associated with that account on your phone. For every subsequent access, scanning the code will automatically log you into the website on your browser.

 

Since scanning the QR code from your phone is all that is needed to log into a website, it can become risky if you ever lose your phone. However, that is also taken care of and a pin needed to start the application ensures that only an authorized person can use the unicalu app on the phone. In fact, added security measures such as defining friends and saving a PUK code can even protect you even when you lose your phone or your associated email id gets compromised.

Overall, uniclau is an impressive service that can remove all the woes of incorrect password attempts due to different password for each of our online account. Having said that, the service can also be slightly annoying at times as it occasionally displays the QR code when there is no login field on the page. However, I am pretty sure that upcoming updates will fix the problem.

So, if you have a working internet connection on your smart phone and a long list of passwords to remember, Uniclau is certainly the way to go.

How do you prefer to manage your passwords ?