How can you make your Windows 10 laptop less susceptible to hack attacks and also install Linux on it?

ja
19

In the meantime I have so many passwords that I don't want to have all of them printed out lying around with me, that's why I have now written all of them in an Excel spreadsheet and these are together with other documents in an encrypted one on the desktop of my Windows PC.

But I don't feel completely safe and I don't know if a virus can read them all when the folder is open.

So how could I, for example, have opened the passwords without having to worry that a hacker would read them? I would like to keep the Excel table because it is convenient. Does it make sense to drag this folder with the passwords onto an inux desktop, which I then start from my USB stick?

Or do you have any other ideas how I could open the passwords without any hacking software reading it, even if I had a virus on my computer?

I have a virus scanner, but you never know.

ho

Excel is not exactly a good idea for this purpose. There are password managers that are much more convenient and secure, e.g. KeePass.

Ke

An additional operating system is useless, because when using Windows it obviously can't protect you at all.

I use a password manager, specifically KeepassXC. I used this password manager on Ubuntu as well as Android and Windows 10. An encrypted Excel spreadsheet also works, but is less convenient. The security mainly depends on the password used. With a password manager, further protection mechanisms such as key files or even hardware tokens are possible, which is not possible with an Excel spreadsheet.

Does it make sense to drag this folder with the passwords onto an inux desktop, which I then start from my USB stick?

I don't understand the workflow. So you shut down Windows and start up with Linux? It's so uncomfortable that it's hard to hold out. Or do you use Linux in a VM? I think that's overkill.

ja

Yes you are right. Can't you just start Linux comfortably from a USB stick? Then I don't need to shut down Windows 10?

If you have the password manager open, can't virus software also read it?

ja

Can KeePass then also be read by malware if it is open?

Ke

Yes you are right. Can't you just start Linux comfortably from a USB stick? Then I don't need to shut down Windows 10?

A computer can't use two operating systems in parallel. You can only use the second operating system in a virtual machine.

If you have the password manager open, can't virus software also read it?

Generally, yes. That can't be prevented.

ho

Probably not, as the passwords are always kept in encrypted form by KeePass and are only issued through interaction with the user. If you let the malware interact with KeePass, it would probably already be possible. In any case, it is still more secure than Excel, as the data is stored there directly in the memory - and it is unencrypted, so that malware can always read the data without you noticing.

ja

In that case, would it make sense to run Linux from a virtual machine, or would it be too cumbersome to switch from Windows to it?

ja

What do you mean by data being held directly in memory. So I made sure that the Excel table is not logged into Windows Outlook.

ho

When you open the table with Excel, Excel loads at least parts of the table into memory, if possible even the entire table. This means that, with appropriately obtained rights for other applications, it is possible to read out this memory area.

ja

Ok then I can also write text in such a password manager. Because you often get security questions whose answers you have to remember, e.g. On Ebay

Ke

Sure, you can, ideally the VM has no internet contact. Running a VM just for this password file is overkill in my opinion.

However, malware on the Windows computer can still access any password that is used. If you use the clipboard, the password remains on the clipboard as long as it is not overwritten. With Keepass, the password is only kept in memory for a few seconds.

ho

At least KeePass has a field for notes for each password entry, where you can write something down.

ja

Thanks, I'll take a look at Keepass then. I have to write a lot for work, can you actually store these Word files or write in a safe environment?

ke

Why don't you use a password manager? This is many times more convenient and safer. Then you no longer have to worry about security and you can easily and comfortably reach them all…

Ke

You should get a calculator from your employer for work. Otherwise, the employer must specify how company data should / must be handled on private computers. You must of course be able to meet these requirements.

Office files can be password-protected. Any files can be stored in an encrypted container. A suitable program for this would be Veracrypt. It's free and good.

ja

Thank you, is open office in any way more secure than office 2019, or does that make no difference?

ja

So I have all the Office files that I need for work in an encrypted folder on the desktop, together with the passwords. If I want both, then I only need to decrypt the folder once, if I now also had a password manager, then I would have to enter a password twice.

ke

I don't know how other password managers do that, but those I know can get their passwords through the browser without having to enter a password. In addition, the password manager automatically fills out your username and password on websites, which is quite convenient. This means you can use very long and very secure passwords because you never have to enter them yourself…

Ke

I can't judge the "security" of the Office packages with regard to the file encryption.