I’m looking for a little advice. I currently keep an unencrypted backup of my Bitwarden vault, TOTP database, various recovery codes and keys, and SSH keys on an Apricorn encrypted USB drive. This is secured with a 16 digit passcode that I’ve committed to memory and can retrieve at any time if I forget it (the passcode is derived from certain lines in a book).
This is my sole backup in case of disaster, which isn’t ideal. I’m going to keep a copy of the same data on a USB drive encrypted with Veracrypt. That way I have two local copies. This doesn’t help in the case of local disaster, though. I want to keep a couple of encrypted containers in public places on the internet. One on some web hosting I’ve been using for many years. The other on a VPS I use for various things.
Given these will be public facing, what’s the best way to encrypt them? A Veracrypt container? An encrypted ZIP file? Any advice?
I would prefer Veracrypt container, and I would send that container to different persons, (but only you has the password / keyfile/ passkey), so in case of local disaster, you can retrieve the file through any of them.
If you are super paranoid, then you could use ZIP file instead, and split the file into several parts, so no single person could possibly obtain the content inside, unless they
Cryptomator has a 50% off currently for iOS/Android platforms (until end of December) but Veracrypt is also a possibility yes.
I’m mentioning Cryptomator because you could also send it to some cloud provider to have more resilience in case of something going poorly, like your house just burning in ashes.
Here is a quick comparison on their website: Comparisons
Besides this, an encrypted .zip will just be a subpar solution in comparison to Crypto/Vera, so scrap that one but any of the other 2 are good (mostly depends if cloud/local and folder/disk).
