UNIVERSITY OF MAURITIUS
CENTRE FOR INFORMATION TECHNOLOGY AND SYSTEMS
Procedure for:
Preventing unauthorized access to your documents using:
- Password when saving documents
- WinRAR Archiving
- MEO Encryption Software
October 2013
1
PURPOSE
The main objective of this user guide is to explain how to prevent unauthorized access to the
content of your documents using password protection and data encryption.
Two utility software, namely WinRAR and MEO, will be introduced. These can be used for
encrypting your document before sending the document over the Internet/email. The use of
these software is recommended.
Note: If you are not familiar with the WinRAR and MEO software, it is highly recommended to
try them before using them. CITS/UoM assumes no liability for any loss, damage, destruction,
alteration, disclosure, or misuse of these software or in case of password lost or forgotten.
Please note that due to very strong encryption, lost passwords cannot be recovered.
2
Table of Contents
Page
1.0
Instructions to password protect a document ….………………………… ……
4
2.0
Introduction to WinRAR ……………………………………………………….
6
2.1
Compressing files with WinRAR ………………………………………………. 6
2.2
Extracting files from an archive ………………………………………………… 9
3.0
Introduction to MEO Encryption software ……………………………………
11
3.1
Installing MEO …………………………………………………………………
11
3.2
Encrypting files with MEO ……………………………………………………
11
3.3
Decrypting files with MEO ……………………………………………………… 14
3
Password Protection
1.0
Choosing a Strong Password
The three methods of document protection described in this document rely on passwords
protection, it is therefore recommended to use strong passwords.
Strong passwords:
-
Have both upper and lower case letters.
-
Have digits and/or punctuation characters as well as letters.
-
Are easy to remember, so they do not have to be written down.
-
Are eight or more characters long.
-
Can be typed quickly, so someone else cannot look over your shoulder and learn it.
You may also try using phrases for strong passwords, for example:
-
rsKf0myH&1W2sYU = Raindrops keep falling on my head and I want to steal your
umbrella.
-
wru2rxy? – Who are you to ask why.
-
bWiIso3! – Beware the ides of March!
-
4pRtelai@3 – not a dictionary word, has both cases of alpha, plus numeric, and
punctuation characters
Note: these particular strings are no longer strong passwords, because they have been published.
A strong password is not:
-
Personal information such as your name, phone number, social security number, birth
date or address. Even names of acquaintances and the like should not be used.
-
Any word in the dictionary, or based closely on such a word (such as a word spelled
backwards).
-
A word with letters simply replaced by digits. For example, bl0wfish is not a strong
password.
-
Easy to spot while you’re typing them in. Passwords like 12345, qwerty (i.e., all keys
right next to each other), or nnnnnn should be avoided.
4
1.1 Instruction to password protect a document
Click on File > Save as > Tools > General Options then enter Password to open file and save
document.
You are recommended to use strong passwords for your documents.
An additional level of protection can be used to prevent unauthorized access to your document
by using WinRAR or MEO Encryption Software in conjunction to the document password. The
procedure is provided in the following sections.
5
Using WinRAR for file compression and extraction
2.0
Introduction
WinRAR is a data compression utility software that can be used for compressing and archiving
files into two popular formats, namely ZIP and RAR. It can also be used for extracting files from
the archives.
WinRAR is useful when multiple documents need to be securely sent or received over the
Internet. The files can be compressed to a single file and the latter can be password protected.
This file can then be securely sent by e-mail. The receiver will need the password to extract and
open files from the compressed file.
Normally WinRAR is already installed in most PCs. Contact CITS Helpdesk if it is not yet
installed.
The following instructions will guide you to compress (archive) files and how to extract files
from archives.
2.1
Compressing files with WinRAR
1. Start WinRAR as follows:
Click on “Start”.
Next click on WinRAR
If WinRAR is not found in the Start menu then:
Type “winrar” in the “Start Search” box and press “Enter”.
WinRAR will open. Close the small box being displayed (regarding license).
2. To create an archive, click on the “Add” icon.
3. WinRAR will open a new window with different setting and configuration options.
6
In the Archive Name box, type the name for your archive including the extension “.rar”
or “.zip”.
Leave the other options unchanged.
4. Select the file(s) you want to archive as follows:
Click on the “Files” tab at the top.
Under “Files to add”, click on “Append”.
In the box appearing, go to the location (folder) where the files are stored. Click on the
first file. If there are more files to select, press and hold down the ”Ctrl” key, then click
on the other files simultaneously.
7
When you have finished click on “Ok”.
5. Click the “Advanced” tab in the same window at the top.
Click on “Set Password”.
Enter a password if you would like your archive to be password protected.
It is recommended to enter a password if the document is confidential and need to be sent
over the Internet (e-mail). Remember that the file and the password must not be sent
through the same media for e.g. You may send the file via email and the password via
SMS.
The password must be strong enough (at least 8 characters long and include alphabetic,
numeric and special characters).
Note: You must always remember the password; if you forget it you will not be able to
unzip the archive.
6. Click “Ok”. WinRAR will compress the selected files to the archive file.
8
2.2
Extracting files with WinRAR
1. Go to the location of the archive file you want to extract from.
Double click on the file. The extracted files will appear on your screen.
2. To save the files, click on the “Extract to” tab on the top of your screen. A new window
will appear.
Select a destination where to save the extracted files (will be created if it does not exist)
3. Click “OK”
WinRAR will now extract the files from the archive and save them to the destination
path.
9
Using MEO for encrypting and decrypting files
3.0
Introduction
MEO is a free and easy to use software for encrypting files of any type before sending them via
e-mail. Encryption will prevent unauthorized viewers from having access to your confidential
documents. The software can also be used for decrypting files that have been encrypted. The
instructions below will guide you how to install and use the MEO software.
3.1
Installing MEO
1. The MEO software can be downloaded from the following location:
http://www.nchsoftware.com/encrypt/index.html
Click on “Download Now”.
2. To install MEO, double-click on the downloaded file.
3. Click “Accept” to accept the license terms.
4. You will be asked if you want to install other “Related Programs and Extras”. As they won’t be
required for running the encryption software uncheck them (where there is a tick in the check box
click it, the tick will disappear).
5. Click “Finish” and the MEO software will be installed.
3.2
Encrypting files with MEO
1. To start MEO, double-click on the MEO icon on your desktop.
2. Click on “Encrypt Files”.
10
3. Click on “Add File(s)”.
4. Next select the file(s) you want to encrypt:
If there is only one file just locate it and click on that file.
For multiple files press and hold down the “Ctrl” key, then click on each file
simultaneously.
When finished selecting all files click on “Open”
5. The files you selected are now listed on the screen appearing. Check if correct then click
on “Next”.
11
6. Select the location where you want to save the encrypted file:
Click in the “Output filename” box.
Enter a filename. For security reasons use a generic name (e.g. “abcd”).
Next you need to select the “Crypto algorithm”. Choose the “Slow, but crypto strong
(3-DES)” option.
Click “Next”.
7. Next you will have to enter a password for the file.
Enter a strong password (recommended: at least 6 characters including alphabetic,
numeric and special characters).
Note: You must always remember the password; if you forget it you will not be able to
decrypt the encrypted file.
12
Click “Finish” once the password has been confirmed.
The file has been encrypted and saved as “filename.meo”.
3.3
Decrypting files with MEO
Before sending the encrypted file, ensure that it will open properly. To do so you have to
decrypt it and open the file(s). Proceed as follows:
1. Go to the location of the encrypted file and double click on it.
Or start MEO, click on “decrypt file”, locate the file and click “Open”.
2. Enter the password used to encrypt the file(s):
13
3. You will then be asked to specify the folder where the decrypted file(s) will be saved.
If you want to save in a new folder click the “Make new Folder” tab. Enter the new
folder’s name and click “OK”. The decrypted file(s) will be saved in that folder.
Once you have checked that the decrypted files open properly, the encrypted MEO file
can now be sent by e-mail to the intended person.
DO NOT send the encrypted file’s password in the same e-mail. Send it via SMS or by
other means.
14