Double protection concept
How it works
Your data is protected by two independent security layers
Layer 1: Encryption
AES-256, key in browser
Layer 2: Password
Additional authentication
Result
Attacker needs to get BOTH link AND password
Password types
Simple passwords
Easy to remember and share
Examples:
Pros:
- +Easy to remember
- +Quick to type
Cons:
- -Easy to guess
- -Vulnerable to brute force
Complex passwords
Maximum resistance to cracking
Examples:
Pros:
- +High strength
- +Brute force protection
Cons:
- -Hard to remember
- -Easy to mistype
Recommendation
Choice depends on threat level and usability
Golden mean
Use 3-4 word phrases with numbers: 'coffee-meeting-15-january'
Attack scenarios
Password brute force
Automatic guessing of all possible combinations
How it works:
Program tries millions of variants per second
Protection:
Complex passwords + attempt limits
Time to break:
Simple: minutes, complex: centuries
Dictionary attacks
Guessing from list of popular passwords
How it works:
Checking against database of millions of real passwords
Protection:
Unique passwords, not from dictionary
Time to break:
Popular: seconds, unique: unbreakable
Social engineering
Getting password through deception or coercion
How it works:
Phone calls, phishing, coercion
Protection:
Training, procedures, duress code
Time to break:
Depends on victim: minutes-days
Best practices
✅Creating passwords
🔄Sharing passwords
Step-by-step guide
Preparation
Determine data secrecy level
Banking data requires complex passwords, work notes - simple ones
Password creation
Create strong and memorable password
Use passphrase method or password generator
Link creation
Enable 'Password' option when creating link
Enter password twice for confirmation
Data transmission
Send link and password via different methods
Link - via messenger, password - by phone or SMS
Confirmation
Make sure recipient could open the link
Ask to confirm receipt, but not content