Long Term Storage Encryption – SD vs. USB?

Hi all!

I’m looking for a cost-effective, long-term storage solution for not-so-large files. These files will not need to be accessed for extended periods of time. This won’t be my only backup method. I’m leaning towards USB drives or SD cards over SSDs due to cost.

In addition to the above, I’m also considering the security aspect of the storage. I’m thinking of using Picocrypt if I go with SD cards or VeraCrypt for USB drives. I’m particularly interested in understanding if there’s any difference in security between these two methods, especially from a privacy and encryption standpoint.

What are your thoughts on these options considering data corruption resistance and security? Your insights are appreciated!



USB sticks tend to have the crappiest, types of flash. They do need to be powered on every now again. Don’t expect one to necessarily work after 20 years.

For best archival nothing beats optical discs, like blueray though, particularly m-discs which are non-organic.

Not really. but if this is long term archival that you’re not planning on touching regularly optical discs are the way to go as they’re not dependent on a drive and all the failure points with that.

1 Like

As do SD cards… both of the options presented here are equally bad.


@jonah @dngray

I had not even considered optical media as an option, so thank you! I will have to touch up on what’s what in the optical media realm.

Question regarding encryption for optical media. Would the recommended approach be individual file encryption, or can you encrypt an optical disk similarly to a USB??

EDIT: Also, I am always impressed with the response time here at the PG forums. Thank you.

You can use pretty much anything cryptomator, luks etc.

Well we don’t get paid, it just happened that I saw it and took notice.

Solid State Drive.

1 Like

As mentioned before, USB sticks are just trash.
SSDs are a little better but not suited for long term storage either. Data might start to corrupt after ~5 years in storage already.

HDDs are better and should be good for ~10 years.
General advice is to copy data around every ~5 years so it gets freshly magnetized again.


As they try to squeeze more and more storage into the flash chips their unpowered storage life is getting very short. I have seen reports of data loss after just one year of unpowered storage. Powered is OK because they have a refresh circuit built in which rewrites the storage before the data is lost.

Hard disks while still good for >10 years have shrunk to a point where there is very little magnetic material storing the data so it is easily damaged. Store the drive in good conditions and rewrite the data every 5 years.

1 Like

How much data are we talking about? less than a GB, a few GB, a few hundred GB?

Depending on the data amount, it may make more economical sense to use 2 different cloud storage providers and just encrypt the files before uploading, if you are below a few GB, you could easily do it with most of the cloud providers free plans, I know that doesn’t follow the 1-2-3 backup method, but it might be easier to manage in the long run and pretty unlikely that the privacy focused cloud providers are going anywhere on short notice.

Outside of that, what everyone else is saying, use HDDs and rewrite every 5 years.

A question on the software used for encryption: How would you make sure that it’s still around and can be used 20 years from now?

Maybe keep the software within a VM with a simple Linux?

If you think that’s going to be a problem, I’d probably keep an unencrypted partition with the software on the same drive you’re encrypting.


Say I have deleted my data from the source and have to optimise the drive after about 3 years. What is the option?

Is there any software to check for file errors or such?

Will you not consider cloud based backup solution like Backblaze? It has unlimited space, versioning, and relatively cheap price.

I personally don’t recommend USB storage devices. They’re slow in general and only useful for really small filetransfers.

If you’re looking to backup +250 GB of files I suggest a SSD or HDD. Go with 3.5" HDDs if you want to save money.

As for encryption, I’d go with VeraCrypt (whole partition encryption) or gocryptfs (file-level encryption)

If you want to prevent data corruption, you could use par2. Watch the YouTube video titled “An Awesome Tool to Prevent Corruption Of Your Most Important Files” by ThioJoe to see par2 in action.