is VI encryption safe?

[jotacekm]

Hello
Im currently using a encrypted VI document to store all my bank accoutn passwords, and other important stuff.
Is vi encryption really safe or should I look for a safer way for storing my passwords?

[Thrillhouse]

From the vim documentation:

- The algorithm used is breakable. A 4 character key in about one hour, a 6
character key in one day (on a Pentium 133 PC). This requires that you know
some text that must appear in the file. An expert can break it for any key.
When the text has been decrypted, this also means that the key can be
revealed, and other files encrypted with the same key can be decrypted.

So while it's proven to be not cryptographically secure and probably won't thwart a persistent attacker, it is probably enough to fend off the casual observer.

If you want more security, use gpg:

Code:

$gpg -c your_bank_account_file     <--- encrypt, this will prompt you for a passphrase
$gpg your_bank_account_file.gpg    <--- decrypt

Encryption will create the encrypted .gpg file. You should delete the original, plaintext file after encryption.

[jotacekm]

From the vim documentation:

So while it's proven to be not cryptographically secure and probably won't thwart a persistent attacker, it is probably enough to fend off the casual observer.

If you want more security, use gpg:

Code:

$gpg -c your_bank_account_file     <--- encrypt, this will prompt you for a passphrase
$gpg your_bank_account_file.gpg    <--- decrypt

Encryption will create the encrypted .gpg file. You should delete the original, plaintext file after encryption.

ill try it, thanks!