Originally posted by UncleVanya Quantum Computing may change the equation rapidly but you correctly are thinking about this in the right way: risk vs function. You are a small fish to the early adopters of quantum tech. You are unlikely to be targeted. Random (non-quantum) targeting of less secure accounts will occur first.
As I understand it (from nothing more than layman-level reading, admittedly; I'm an ex-developer, but no expert on cryptology), AES-256 is considered generally resistant to quantum computing-based biclique cryptanalysis - at least in the medium term, assuming the rate of technological progress in this area remains fairly constant (related key attacks are more likely to succeed, but then it's on the originator of the encrypted file to ensure key generation is appropriately random and complex).
Eventually, when quantum computing power has increased sufficiently to break AES-256 in a realistic time-frame, it's going to be the likes of government agencies who have it initially. I can't imagine why they'd be interested in little old me, but if they were, they're welcome to see what I have in my encrypted drive just by asking
By the time this level of computing power becomes available to the common, opportunistic hacker, I doubt my files will be of much use to them (or me, for that matter
). If it should happen in my life time, though, access to all my financial accounts, credit cards, policies and other critical online services is protected by two-factor authentication - so even if hackers crack my encrypted drive and obtain my personal documents, they'll need my phone (or a clone of it) to access my accounts and perform any transactions or changes.
In summary, a hacker needs to gain access to my online storage which is protected by a complex, randomly-generated password; they then need to unlock my AES-256 encrypted drive with their quantum computing network; and lastly, they need my phone or a clone to answer two-factor authentication and gain access to my accounts...
It's not a 100% secure solution (what is?), but in terms of balancing risk vs function, I think it's a reasonable one...
EDIT: Apologies to the OP... I've drifted way off-topic here - though perhaps the discussion around local vs online backups might be of some minor benefit...