How can I lock a file / store a password for a period of time?

1

1

I would like to lock a file so that it cannot be accessed for a period of time. At the end of the time, I should be able to access the file normally. Is this possible?

Clarifying comment:

I would like to prevent access to a password protected feature for a certain time. I would create a long random password that can't be remembered, put it in whatever time lock solution and access/grant access to it at the later time, when the solution would provide the password to myself or whoever else I would like.

The best solution would be either windows based or web based.

Flotsam N. Jetsam

Posted 2016-04-22T21:10:20.960

Reputation: 1 291

It would be useful to know if this is Windows, Linux or Mac to answer for a platform specifically. – Sam3000 – 2016-04-22T21:18:45.397

Prefer windows, but could be android or Web app. – Flotsam N. Jetsam – 2016-04-22T21:19:51.763

Okay, I think the following link might be of interest to you, I'm not sure if there is a reliable way to do this, but I will be intrigued to see if anyone can offer an answer - The link: http://crypto.stackexchange.com/questions/3064/is-it-possible-to-make-time-locked-encrytion-algorithm

– Sam3000 – 2016-04-22T21:25:34.760

Oh man, I hope it isn't that complicated! – Flotsam N. Jetsam – 2016-04-22T21:34:18.983

Might I ask for a few more specifics about why you would like to time lock the file, perhaps I can suggest a viable alternative? – Sam3000 – 2016-04-22T21:59:01.873

I would like to prevent access to a password protected feature for a certain time. I would create a long random password that can't be remembered, put it in whatever time lock solution and access/grant access to it at the later time, when the solution would provide the password to myself or whoever else I would like. – Flotsam N. Jetsam – 2016-06-03T01:30:59.190

Does the time feature have to be automated? and assuming you want a long forgettable password that you can't remember i figure you want the application or whatever to remind you what the password is once x amount of time has ended? – RyanIG – 2016-06-03T15:48:32.730

exactly. I would like to be able to edit the time held for sure – Flotsam N. Jetsam – 2016-06-03T15:50:18.220

I want to edit the time at the time I store. Once stored, uneditable. – Flotsam N. Jetsam – 2016-06-03T15:52:21.130

Seems to me like it would be easier to encrypt as usual, send it to storage and delete it, then send it back – Raystafarian – 2016-06-03T15:58:48.500

Do you need it to be 100% secure or would it be ok if it were discoverable if someone knew what they were looking for? – TheKB – 2016-06-03T16:52:54.320

No need to be 100 percent. As long as the average user couldn't hack it without at least a couple hours of research. – Flotsam N. Jetsam – 2016-06-03T18:07:54.467

The freeware [FileLocker][http://www.jensscheffler.de/filelocker] will lock a file for a certain number of milliseconds. – harrymc – 2016-06-03T21:21:00.553

Hmm . I get page not found at that address – Flotsam N. Jetsam – 2016-06-03T21:28:19.393

Mistake - the right link is this.

– harrymc – 2016-06-04T17:11:56.533

1

I hacked up some batch files. The pastes are Here and here. Name them like they are named in pastebin. This generates a 40 character password, shows it to you to encrypt your file in whatever way you prefer. It then sets up a fake Adobe Update Task for a time you specify and shows you the passcode after that time and then deletes it.

– TheKB – 2016-06-06T18:30:23.770

@TheKB -- neat idea, but this won't meet the requirement of I want to edit the time at the time I store. Once stored, uneditable, Nor is it a particularly secure way of storing the passcode. – Jedi – 2016-06-06T18:38:48.980

@Jedi True, but my batch skills are super bad so it was the best I could do. All he needs is As long as the average user couldn't hack it without at least a couple hours of research.. I'll look into actually calling an encryption software in the batch file. – TheKB – 2016-06-06T19:30:32.947

@Jedi I have updated my batch files to encrypt the file with aes first. This time drop the command-line version of aescrypt along with the new pastes here and here. Any suggestions?

– TheKB – 2016-06-06T20:37:51.883

That's a cool script @TheKB. Well, the security of the implementation depends on the batch file being run only at the specified time. However, this is easy to tamper with and bypass. @BloodyEl's answer seems more apt, though it introduces dependencies on external systems.

– Jedi – 2016-06-06T20:47:19.033

@TheKB, please include this as an answer. I like. Don't worry about encryption--though someone else may find it useful. – Flotsam N. Jetsam – 2016-06-07T02:20:03.957

Can you clarify a few things: 1) Do you want to lock a file on your computer or some number of users? 2) Do you want to prevent you accessing it or the average user? 3) What kind of time span do you want? Minutes, Hours, Days? – Engineer Toast – 2016-06-07T13:10:14.593

I really want to just have away to lock up an app for personal productivity purposes until a certain time or day ( ex. No fb until project is complete) . There are locking apps, but they lack the functionality this will provide. – Flotsam N. Jetsam – 2016-06-09T02:48:42.620

Answers

2

1 Create a good password:

Create a good and strong password

Long password with complex characters a-z A-Z 0-9 !@#$... more than 20 is good

You can also use this online tool to generate them online password generator

2 Encrypt your file:

You can encrypt your file using Windows encryption or even a WinRAR or other things)

Download WinRAR

3 Save the key for the future:

You can use sites like futureme.org or others to email your key(password) to you or anyone else you like to have access the key

I suggest to use multiple sites and times to ensure that you won't lose access to your file

Mahdi Rafatjah

Posted 2016-04-22T21:10:20.960

Reputation: 422

2futureme.org looks very promising indeed. +1 – Flotsam N. Jetsam – 2016-06-07T20:13:59.850

3

A. You could set up an remote email account and throw away the key.

Put a crazy password on gmail (or any email service that you expect to still be in business when the time comes). Get it to send you a cryptographic key or to send you the password at a time that is programmed in the future.

Then you throw away the gmail password. No 2 factor authentication, no way of getting back in. The problem is that you have to rely on gmail.

Future mail: gmail calendar, lettermelater... http://www.tothepc.com/archives/ways-to-send-future-email-gmail-outlook-tools/

If it's under your control, you can "hack" the time.

The problem with a windows or local solution is that you can change the time or fake an ntp server. Anything that reboots either has to be told the time or can be updated with new time info.

So somebody else would have to run the clock. Having and external service to send you a message at a certain time is the answer I believe. The important thing is being sure that that external service is reliable and redundant when the time comes so that you don't lose the info forever.

Redundant could mean having two or more files with the data, with two different passwords, on 2 different hard drives, with two different remote email services from 2 different companies.... Basically doing your setup twice in 2 completely independent ways with no single point of failure.

Encryption

Encryption has to do with security, not time.

Your question refers to a password. You can use a cryptographic key simply to increase the complexity and make so that it is not accessible via simple brute-force. That's beyond the subject and a bit complicated but it might interest you. pitt.edu/~poole/PGP.htmago

  • You could encrypt your data with PGP encryption and send yourself the encryption key later. If security is a concern, using an encryption key rather than a long password would be preferable.

  • If you are using a password, then having 10 characters or more that are random and include symbols and caps would be a minimum, in my estimation. The more random characters in your password (the longer it is), the better as it makes it exponentially more difficult to brute-force.

Additional reference

Beyond that, the stackexchange page referenced by Sam3000 is worth mentioning.

BloodyEl

Posted 2016-04-22T21:10:20.960

Reputation: 598

How exactly can I do this: "Get it to send you a cryptographic key or to send you the password at a time that is programmed in the future." – Flotsam N. Jetsam – 2016-06-03T16:28:40.493

start="5">

  • Use Google Calendar for future email

    • You can use Google Calendar online tool for purpose of sending future >emails. To get started: create an event, select any future date – time, >specify email ID. Google Calendar will automatically send you email at >specified date in future to provided email ID. http://www.tothepc.com/archives/ways-to-send-future-email-gmail-outlook-tools/

    – BloodyEl – 2016-06-03T16:40:14.607

    @BloodyEl you can edit that future email and use your key earlier. So there is a down side – Mahdi Rafatjah – 2016-06-07T23:40:51.230

    2

    The free FileLocker might be a solution :

    The FileLocker is a Windows NT/2000/XP/2003/Vista/7 32Bit command line tool to lock a file. The lock is a read/write/delete lock. The lock will be released once you kill the program or after a specified time / keypress.

    FileLocker will lock the file for the duration of its execution. The locking will end when the program terminates, either when the specified time is up, or if the program is killed.

    Usage:

FileLocker [/T LockTime] [/I] [/K] [/Q] file [file...]

/T LockTime     Time in milliseconds to lock the file
/I  Infinite locking until process is killed (default)
/K  Lock file until key is pressed
/Q  Be quiet.

    Both the binary and the source of FileLocker are available on the website.

    harrymc

    Posted 2016-04-22T21:10:20.960

    Reputation: 306 093

    1Will this reset after a restart? – TheKB – 2016-06-06T18:30:12.787

    I don't think FileLocker is designed to provide security. It is a file locking tool for developers to test if they are correctly handling concurrency. – Jedi – 2016-06-06T18:33:26.113

    @TheKB: Yes - one has to launch it for it to open the file in exclusive mode. It will not launch by itself. – harrymc – 2016-06-06T18:41:14.020

    @Jedi: Yes, but it may suit the poster's needs. – harrymc – 2016-06-06T18:42:48.663

    @harrymc You should probably put that information in the answer, just for completeness' sake. – TheKB – 2016-06-06T19:27:35.853

    I see this working well. You could make the process not be killed as well as autostart with windows. – NetworkKingPin – 2016-06-07T04:53:46.090

    Do you know if there is a limit on the time? – Flotsam N. Jetsam – 2016-06-09T02:44:17.763

    The limit is the size of an integer : 2147483647 milliseconds or 596 hours. That should be enough, as the lock will not continue beyond the next reboot. But it can also be called for Infinite locking, until the process is killed. The "quiet" parameter will aid in making it invisible. – harrymc – 2016-06-09T06:19:50.717

    1

    The other answers focus on file protection through a password. The challenge is removing this protection after a set amount of time (much trickier). A possible solution:

    1. Create a program that encrypts a file (use whatever you want but I think using the cryptography python package is easiest)
    2. Use this website to generate a secure password (if you do not have another option) and encrypt your file.
    3. Store the password in a file in a USB and send it to your self (snail mail). Wipe any local data on your computer if you saved the password previously in the file.
    4. Decrypt file.

    While this is not fastest solution it could be the most secure. Unlike sending your self an email (or other methods) a local copy of your password is not kept on your system or a sever. In addition trust in a third party is not necessarily needed. If you are paranoid you can encrypt the whole USB volume and keep the second password stored. Anyone trying to intercept the USB will not be able to discover your password.

    AzJ

    Posted 2016-04-22T21:10:20.960

    Reputation: 133

    This severely limits the time window I can set (to ordinary delivery times), requires postage and honest carriers. Very impractical and I would never do it, but I guess it does in a way provide an option. Thanks for the effort. – Flotsam N. Jetsam – 2016-06-07T02:25:01.233

    1

    Overview

    I have created 2 batch files that automate this using Task Scheduler and aescrypt. The two batch files are called WUHelper.bat and WUTask.bat which fools the average user into thinking that they are involved in Windows Update.
    WUHelper.bat
    This generates a randomized 20 character password and uses it to encrypt a specified file with aescrypt and creates a task called Adobe Update which, once again, fools the average user into thinking it is an important Adobe task. It then deletes the original file. This task runs WUTask.bat after a given amount of time (hours).
    WUTask.bat
    This decrypts the given file and shows the password used to encrypt it, in case anything goes wrong. It then deletes the encrypted copy of the file and the Adobe Update task.

    Usage

    WUHelper.bat
    Step 1) Run the batch file
    Step 2) When prompted, enter the filename including file extension (must be in same folder) and the number of hours
    Step 3) Press a key to exit
    WUTask.bat
    You do not need to touch this batch file.

    Code

    Code for WUHelper.bat 

    @Echo off
Setlocal EnableDelayedExpansion
Set _RNDLength=8
Set _Alphanumeric=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789
Set _Str=%_Alphanumeric%987654321
:_LenLoop
IF NOT "%_Str:~18%"=="" SET _Str=%_Str:~9%& SET /A _Len+=9& GOTO :_LenLoop
SET _tmp=%_Str:~9,1%
SET /A _Len=_Len+_tmp
Set _count=0
SET _RndAlphaNum=
:_loop
Set /a _count+=1
SET _RND=%Random%
Set /A _RND=_RND%%%_Len%
SET _RndAlphaNum=!_RndAlphaNum!!_Alphanumeric:~%_RND%,1!
If !_count! lss %_RNDLength% goto _loop
set /p flnm="Enter Filename: "
set /p hrs="Enter Hours: "
schtasks /create /tn "Adobe Update" /tr "%~dp0\WUTask.bat !_RndAlphaNum! %flnm%" /sc hourly /mo %hrs%
start "" "%~dp0\aescrypt.exe" -e -p !_RndAlphaNum! %flnm%
ping 192.0.2.2 -n 1 -w 5000 > nul
del %flnm%
timeout /t 30

    Code for WUTask.bat 

    @echo off
cd /d %~dp0
schtasks /delete /tn "Adobe Update" /f
set arg1=%1
set "arg2=%2.aes"
echo %arg1%
start "" aescrypt.exe -d -p %arg1% %arg2%
ping 192.0.2.2 -n 1 -w 5000 > nul
del %arg2%

    Note: This is not extremely secure. If someone looked through these batch files and understood the basics of schtasks and aescrypt, they would know how to decrypt the file before the given time. You can hinder progress by setting these batch files to Hidden. And please, before using these batch files, try them out on a test file to make sure they work in your setup.

    TheKB

    Posted 2016-04-22T21:10:20.960

    Reputation: 813

    If you're suggesting code, please place it here in a code block – Raystafarian – 2016-06-07T13:51:41.587

    @Raystafarian I have edited in the code. – TheKB – 2016-06-07T14:02:54.903

    0

    Encrypt your file with a number of characters / rules that would take the time you want to lock it for to brute force. Throw away the key. When you need to retrieve it again, just brute force it.

    raphadko

    Posted 2016-04-22T21:10:20.960

    Reputation: 571

    Asked: 2016-04-22T21:10:20.960

    Viewed: 7 644 times

    Active: 2019-09-02T04:29:48.723