pCloud Crypto provides the means for you to keep your files secure in the cloud. However, a big part of the deal is centered around the passphrase you choose as a first step to the encryption process. That is why, this week we’re taking the chance to give you a few tips on how to secure a strong passphrase for your Crypto folder.
Why should have a secure passphrase in the first place?
The reason is very simple: pCloud Crypto uses cliend-side encryption as a file protection method. This means that your files are encrypted on your PC before any file transfer operations are initiated. Furthermore, if your device is at risk of being breached, a secure passphrase will ensure an additional layer of security to your files.
Start from the basics
Length over complexity:
Usually, a lot of people misjudge the importance of complexity over the actual length of the passphrase. Studies have shown that long sequences ranging from 12 characters and above are harder to recognise. The bigger your passphrase is, the less the probability of it being found out. You can try using a sentence: “I drank two cups of coffee.” Now we have 21 characters to work with.
Symbols, Numbers and Punctuation
Although passphrase complexity is not as important as the length of your characters, it is still crucial. Try to add symbols and numbers to your passphrase. Furthermore, if you want to spice things up a little, try using upper and lower case letters. After applying this tip, our passphrase can be “@idr2c^SofCo4fe” instead of just “I drank two cups of coffee”. This method is also known as the Schneier scheme, named after the security specialist Bruce Schneiner.
Don’t bother with dictionaries
Common words and phrases from the dictionary won’t do you any good, in general. Try avoiding predictable expressions and if possible, insert words from foreign languages. In our case: “I drank two cups of coffee”, though long, is still a very predictable passphrase. By changing it a little, we can have the following “I pranked 4 jars of bats” and with a few symbols – “@iPrfouJ7rzfb”
Strong Hint
Upon activating pCloud Crypto, you will also be required to insert a hint. This is the only way for you to regain access to your passphrase, in case it is forgotten, as pCloud crypto creates a zero-knowledge proof environment, where not even our administrators can retrieve it. It is essential that your hint doesn’t contain either the whole, or parts of the sequence you choose as an encryption key.
Make a personal formula
It isn’t necessary to follow the exact same pattern for your passphrase. You can create a personal scheme, which is easier for you to remember. While some use the surrounding features of the website as referrence, others create a master root and build from then on. Remember, however, that your passphrase shouldn’t be the same as your pCloud account password.