How Do I Secure Sensitive Financial Data Currently in a Google Sheet?
July 14, 2024 3:50 AM Subscribe
I have sensitive financial data currently in a Google Sheet, and wish to prevent anyone accessing my laptop from opening this file. I don't think a Google Sheet can be password-protected to prevent opening - is there perhaps a (preferably free) Windows spreadsheet app (I don't have Office/ Excel) with password protection I could use instead?
Google Sheets are password-protected in the sense that access to the files is controlled by your Google account credentials. This means that anyone attempting to open your Google Sheets documents must first successfully log into the associated Google account. The security of your Google Sheets is therefore directly tied to the strength of your Google account password and any additional security measures you've enabled for your account, particularly two-factor authentication.
posted by alex1965 at 5:22 AM on July 14, 2024 [2 favorites]
posted by alex1965 at 5:22 AM on July 14, 2024 [2 favorites]
anyone attempting to open your Google Sheets documents must first successfully log into the associated Google account
True, which means that in theory all you need to do is make sure you're consistent about logging off from Google every time you close your laptop lid. In practice, the fact that logging on to Google provides single sign-on for so many disparate services makes this a failure-prone pain in the arse. I think you're on the right track with a local spreadsheet document that has its own specific single-purpose password. Just don't forget to back it up.
posted by flabdablet at 5:48 AM on July 14, 2024 [2 favorites]
True, which means that in theory all you need to do is make sure you're consistent about logging off from Google every time you close your laptop lid. In practice, the fact that logging on to Google provides single sign-on for so many disparate services makes this a failure-prone pain in the arse. I think you're on the right track with a local spreadsheet document that has its own specific single-purpose password. Just don't forget to back it up.
posted by flabdablet at 5:48 AM on July 14, 2024 [2 favorites]
This means that anyone attempting to open your Google Sheets documents must first successfully log into the associated Google account.
That's partly but not entirely true - you have to check the Share settings and make sure it's not set to share with anyone. (Which is probably the case but you should still check.)
Add to that what flabdablet said (and doubly so if you use any Android or Chrome devices with the same google account) and the general theoretical risks of storing things on the cloud.
posted by trig at 7:41 AM on July 14, 2024
That's partly but not entirely true - you have to check the Share settings and make sure it's not set to share with anyone. (Which is probably the case but you should still check.)
Add to that what flabdablet said (and doubly so if you use any Android or Chrome devices with the same google account) and the general theoretical risks of storing things on the cloud.
posted by trig at 7:41 AM on July 14, 2024
Its just security by obfuscation, but you could hide the sheet in google sheets. It just makes it so its not visible, but is still there, and you would have to “unhide” it whenever you want to use it. Its still there if anyone knows to look for it, but wont be visible to a casual user of your computer if you’re still logged in and they stumble across it.
posted by cgg at 8:40 AM on July 14, 2024
posted by cgg at 8:40 AM on July 14, 2024
Best answer: I'd set up a new google account, as simple as kyoto2, with a different password that you don't let the browser manage or remember. You can use a different browser for additional convenience. I theora's stuff- email, some shared docs, etc. - on chrome, and my real life identity in Firefox.
posted by theora55 at 8:49 AM on July 14, 2024 [1 favorite]
posted by theora55 at 8:49 AM on July 14, 2024 [1 favorite]
Do you need this file to be available online?
Libre office is a great solution if you don't.
I think "free alternatives to Microsoft" get a bad rap, but at this point the tools are interoperable and Libre office works great.
posted by amandabee at 9:27 AM on July 14, 2024
Libre office is a great solution if you don't.
I think "free alternatives to Microsoft" get a bad rap, but at this point the tools are interoperable and Libre office works great.
posted by amandabee at 9:27 AM on July 14, 2024
Do you need to have your laptop usable by other people? I rely on my laptop requiring either a password or fingerprint to wake from sleep. If I had others that needed to use my computer, I'd make them their own accounts on here and they wouldn't be able to use my logged in stuff.
posted by advicepig at 8:30 AM on July 15, 2024
posted by advicepig at 8:30 AM on July 15, 2024
Libre office is a great solution if you don't
I like to separate the document-editing concern from the online-availability concern by using locally installed instances of LibreOffice for the former and any general-purpose cloud provider (Dropbox or Nextcloud for example) for the latter. If you don't need real-time multi-user collaborative online editing there's really no need to integrate these things.
If I had others that needed to use my computer, I'd make them their own accounts
Strongly strongly seconded.
posted by flabdablet at 2:51 AM on July 18, 2024
I like to separate the document-editing concern from the online-availability concern by using locally installed instances of LibreOffice for the former and any general-purpose cloud provider (Dropbox or Nextcloud for example) for the latter. If you don't need real-time multi-user collaborative online editing there's really no need to integrate these things.
If I had others that needed to use my computer, I'd make them their own accounts
Strongly strongly seconded.
posted by flabdablet at 2:51 AM on July 18, 2024
If others have access, an account, gaining access to files might not be hard.
posted by theora55 at 5:47 PM on July 18, 2024
posted by theora55 at 5:47 PM on July 18, 2024
It might be technically feasible for one user to gain access to another's currently-logged-in Web sessions, depending on how the target user's browser handles login-session cookies. This would be easier if the user in question is taking advantage of the common browser convenience feature of being able to restore previously-opened windows and tabs after the browser is closed and/or crashes.
Gaining access to another user's locally stored files, though, doesn't gain access to the content of those files if they've been encrypted, either by the OS itself or by e.g. LibreOffice password protection. This remains true regardless of how skilled the attacking user is, even if they're bypassing the installed OS's access controls altogether. Modern encryption is good enough to defeat even State-resourced cracking attempts if the encryption keys are properly generated and remain undisclosed.
That said, the main argument for setting up one user account per regular user, plus a guest account for irregular users, is that this removes the need for anybody to choose between messing up somebody else's preferences and ignoring their own.
posted by flabdablet at 9:51 PM on July 18, 2024
Gaining access to another user's locally stored files, though, doesn't gain access to the content of those files if they've been encrypted, either by the OS itself or by e.g. LibreOffice password protection. This remains true regardless of how skilled the attacking user is, even if they're bypassing the installed OS's access controls altogether. Modern encryption is good enough to defeat even State-resourced cracking attempts if the encryption keys are properly generated and remain undisclosed.
That said, the main argument for setting up one user account per regular user, plus a guest account for irregular users, is that this removes the need for anybody to choose between messing up somebody else's preferences and ignoring their own.
posted by flabdablet at 9:51 PM on July 18, 2024
You are not logged in, either login or create an account to post comments
posted by flabdablet at 4:50 AM on July 14, 2024 [3 favorites]