I have all my originals in my gun/fire safe at home.
I saw the stories of people going back to NOLA to find their bank branch under water so the contents of their SDB were ruined. If we were ever in a similar situation where we had a couple days notice to leave like they did I want mine accessible to take with me.

If someone came to me with a "scanned" document, in this age of Photoshop and other programs like that - I would have to wonder.

Show me several documents with the same name and date, no problems there, no crook is going to go to a lot of work to scam someone, that's why they are crooks. But one, or two? I dunno.

This from the guy who is scanning documents tomorrow to start his binder. I will have hardcopies in the binder, originals are going to a SDB I get free, and 2d copies to a thumbdrive. I reckon if all the documents match so much the better.

Also, I have a list with important phone numbers and account/policy numbers that can be printed out after being reduced, rendering it wallet size. May take a magnifying glass to read, but better than nothing.

Pictures or yourself, all of you family, all of your pets, etc. (individual pictures). So if you get separated during a disaster, you can post "Have you seen XXX?" pictures.

I suppose I should print a recent picture out, all our pictures are digital (thousands of them)

And dont forget recent photos of your pets, along with spare ID tags, collar, leash and vaccination documents. Not all in the binder of course.

Oops, haertig already said it.

If you're going to store info on the Internet, spend a little money and use a system that utilizes encryption technology. Your info can't be that important if you're not willing to spend $5 - $10 per month for a service that encrypts. By the way, a complicated password is not the same as encryption.

I would encrypt all data myself, using a proven (and free) product like TrueCrypt, and not use built in encryption from some service. You don't know how good that services encryption is, or if they hold back door keys.

I don't think that's necessary. Also, you could say the same thing about TrueCrypt because you didn't personally write their algorithm, did you? Also, using TrueCrypt would hinder the convenient process of syncing that an online services uses.

If the online service uses 128-bit or 256-bit encryption BEFORE your data is sent to them over the Internet, then your data can't be decrypted by using another backdoor key besides the encryption key you created. If the service does not have the key, then the data cannot be decrypted and is garbage to anybody without the key. Of course, a hacker could guess your key via brute force, but you can make guessing basically impossible if you have a complicated key that's in your brain (or otherwise not on a computer anywhere).

And there's the catch. You may indeed be using your KEY, but you are using THEIR ALGORITHM. Good encryption requires both a strong key and a rock solid algorithm. And the algorithm should be open source so anybody and everybody can review it. A strong algorithm does NOT depend on secrecy for being strong. For all you know, the service providers algorithm may be nothing more than "take the first character of the users key and prepend that to their data stream". Of course that's a silly contrived example, but it illustrates my point.

Also, if they use a proprietary algorithm, and then they go out of business, how are you going to unencrypt your own data (unless you stored a second copy elsewhere for your self)?

As an emxalpe, tihs setnecne is eyncrtepd.

But I'll bet you can read every word of it. It's a bad algorithm.

AFAIK, and I could be wrong, these online storage/encryption places use their own algorithms. Even if they say they use publically available and secure algorithms, you don't know if they're telling the truth unless you download that algorithm independantly (from some other source), review it yourself, compile it yourself, and apply it yourself. Very few people will have the expertise or will power to review source code and compile themselves, but using a well known, vetted and proven product (I mention TrueCrypt again) takes you one step away from the total unknown of an online companies proprietary or undisclosed encryption algorithm.