Hello and good evening, cryptographers, hackers and security information specialists!
I would like to hear your judgmental and sceptical feedback about the safeness of [git] cloud storage services accounts with two-factor authentication, and passwords of more than 16 special characters and case-sensitive alphanumerics, and the efficiency and usefulness of ccrypt
and scrypt
.
I've already been aware two-factor authentication sessions of [git] cloud storage services have already been broken, but the password of more than 20 characters (ambiguous characters, case-sensitive alphanumerics and symbols) can not be cracked because it takes 4 sextillion years to be totally deciphered.
I posted two topics Is it safe to back up the whole Firefox profile folder to my private dotfiles repository at GitHub/GitLab? And at Google Drive and Mega? on subreddit /r/firefox, and Is it possible to use synchronously and mutually Scrypt to encrypt and compress a directory in one command? on /r/linuxquestions.
I've two profiles folders that contain confidential information, and would like to back up and upload normally them to [git] cloud storage without compressing them. But I've been told that I should compress directories with confidential information with a strong password.
I'm not sure it's necessary to compress them if these cloud storage services have already two-factor authentication with a stronger password of more than 16 characters.
- I've already seen the video where a password-protected compressed file in formats RAR and ZIP could be cracked with John The Ripper, but the guy has informed me that John's usefulness is already limited, and a password of more than 16 characters can not be cracked.
- I've read from another guy that an AES-encrypted password-protected compressed file created in format 7z created by 7zip can not be cracked.
Only three questions:
- How safe are GitHub, GitLab, Gmail and Mega accounts with two-factor authentication and passwords of more than 16 ambiguous and special characters and case-sensitive alphanumerics?
- How safe is a compressed file in format 7z and with an AES-encrypted password, created by 7zip on Linux? Or better to compress and encrypt with
ccrypt
(AES, but not one-time pad) orscrypt
(AES and one-time pad)? - Is it necessary to compress a directory containing confidential information even if the [git] cloud storage services have already two-factor authentication with a very long and strong password?