- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
Is Your Personal Financial Information Safe? Practical Lessons in Quicken Password Vulnerabilities
- Abstract
- This paper examines password encryption and authentication techniques applied to the file-level protection of personal documents and databases. As a practical example, I have researched protection schemes used by Intuit Corporation's Quicken software. This personal financial software contains information that most people would consider to be extremely sensitive. However, the password protection and encryption schemes that Quicken uses fail to provide the level of security that might be expected. I've found that the password protection used by Quicken is easily reversed with the purchase of a $30 password cracking application.