I think I need to better define context. There's no need to consider inter-operability. It is years I use open document format only and convert on requirement. Of course this operation is considered with care. People interested in choosing a password might have to check arstechnica.comas they have plenty of information. I am not asking about the strength of encryption either: the data I'm currently mangling is more important than others but not so much I need to make it NSA-proof. BTW, I can tell from experience AES-256 is going to be enough in many cases. In my case, everything preventing accidental opening is sufficient, including a ROT4.
So, to state my concerns more clearly, In your experience, how is stable and trustable are password protected LO files? Massimo 2013/12/18 Tom Davies <[email protected]> > Hi :) > Thought a few people might be interested in these links > http://en.wikipedia.org/wiki/John_the_Ripper > > http://xkcd.com/936/ > > > http://www.zdnet.com/blog/security/25-most-used-passwords-revealed-is-yours-one-of-them/12427 > > So a hugely significant number of people still think that "password" > is an awesomely clever password. How often do you overhear someone on > a phone or a train trying to tell someone what the password is > discretely so that other passengers don't hear it, only to hear them > have to then repeat the password louder and louder and maybe even have > to spell it out letter-by-letter. Weirdly more complex passwords > never seem to need repeating. > > Regards from > Tom :) > > > > On 17 December 2013 15:34, Tom Davies <[email protected]> wrote: > > Hi :) > > Hopefully there was just a misunderstanding somewhere there! Password > > protection can be useful but only really when used in combination with > > other security measures. > > > > There were some problems early on, around 3.3.x maybe up to 3.4.x but > > i haven't heard of any problems for years now. Personally i avoid > > password protecting files and just keep such files well out of reach > > of anyone that wouldn't be authorised to see them. Emails and > > usb-sticks make that tricky though! > > > > Early on i noticed that MS Office password-protected files could > > easily be opened in LibreOffice. In fact i didn't even realise my > > companies finance files were individually password protected until > > after i had opened them and the finance director saw i had the file > > open and went ashen-faced. I've been told it happens the other way > > around too, that LibreOffice or OpenOffice files that are password > > protected can be easily opened in MS Office but i've never tried it > > out. > > > > Password protection is good to prevent causal accidental intrusion > > from polite colleagues but it's not reliable enough on it's own. > > Given enough time any password can be cracked. So, password > > protection is best when used in combination with other security > > measures, such as [shudders] encryption, or just keeping the files out > > of reach (if that is at all possible these days). > > > > All security is often at the expense of productivity and security > > measures tend to restrict valid personnel from legitimate work rather > > than slowing down hackers/crackers. So, take care! > > > > Regards from > > Tom :) > > > > > > > > On 17 December 2013 15:12, Massimo Del Zotto <[email protected]> > wrote: > >> Hello mailing list users. > >> I am currently an OOo user. It's a while I hear about LO, but so far > never > >> got truly disappointed by it so I resisted change. > >> However, I recently had a problem with OOo password protection. Somehow > it > >> disabled password protection for a file I was working on and it took me > a > >> while to restore it. Asking for help on OOo forum, I have been informed > >> password protection is somehow considered "unnecessary" by... I don't > know > >> who to be honest. > >> The important point is that I have been informed of various issues OOo > >> seems to have with password protection. The forum administrator strongly > >> suggested me to not use it, and even pointed out a few previous cases in > >> which password protection caused data loss (!!!). > >> I think *this is unacceptable *so I started looking more seriously at > LO. > >> Digging the mailing list archives, I noticed there are quite a few > messages > >> regarding password protection. It seems most problem were between > keyboard > >> and chair, the only exception being perhaps an inter-operability problem > >> after switching to AES-256. > >> > >> In your experience, how is LO with password protection? > >> > >> Thank you, > >> Massimo > >> > >> -- > >> To unsubscribe e-mail to: [email protected] > >> Problems? > http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ > >> Posting guidelines + more: > http://wiki.documentfoundation.org/Netiquette > >> List archive: http://listarchives.libreoffice.org/global/users/ > >> All messages sent to this list will be publicly archived and cannot be > deleted > >> > -- To unsubscribe e-mail to: [email protected] Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/users/ All messages sent to this list will be publicly archived and cannot be deleted
