I see that there’s an 64-bit version of Windows Vista. Will it be more
secure on a 64-bit machine that the 32-bit version on a 32-bit machine?
Looking into it a while back I thought I read that there was greater
security on a 64 platform versus 32-bit because there weren’t as many viruses,
and so on. It also dawned on me that banks and so on all insist on 128-bit
security, so I figured that more bits must be better, right?
Well, yes, no, and maybe.
There’s a little bit of apples to oranges comparison going on here, but
there are also some grains of truth.
Let’s look at just what all the differences are and how they do, and do not,
Become a Patron of Ask Leo! and go ad-free!
Let me start by saying that a 64-bit computer running 64-bit Windows is not
going to be inherently that much more secure than the 32-bit equivalent.
They’re they same operating system, and most vulnerabilities that appear in one
are likely to appear in the other.
There’s certainly nothing about being 64-bit versus being 32-bit that makes
the computer any more secure.
To oversimplify, when we talk about a computer being a 32-bit versus 64-bit,
we’re really just talking about the size of the biggest integer number that the
process can operate on at a time. On a 32-bit computer an integer number can
range from 0 to 4,294,967,295. On a 64-bit computer, however, it’s 0 to
Now, as I said, that’s an over simplification, but it’s important. When a
computer needs to work on numbers or other concepts that can’t be simply
represented within those ranges it has to break them down to multiple
operations that are within those ranges. Perhaps easier to understand are old
8-bit computers where the range was 0-255. That doesn’t mean that the computer
couldn’t work with larger numbers, it means that programs had to be written to
break operations on larger numbers into pieces that worked on numbers within
the 0-255 range. Depending on what was happening, it could be complex to do so
and certainly slower.
being 32-bit that makes the computer any more secure.”
There are other differences as well. For example a 64-bit computer will
typically load data from memory into the CPU 64 bits at a time, compared to 32
bits at a time on a 32-bit computer. For our discussion here, though, those
differences are transparent.
64-bit computers have actually been around for while. In fact, many of the
processors in newer machines are already 64-bit, but running the 32-bit
operating system in 32-bit mode. The free GRC utility Securable will tell you what you have; you may find you
have a 64-bit machine and not even know it. (It turns out that my laptop has a
64-bit processor, and I didn’t know it until I ran that utility. )
One of the reasons 64-bit Windows is not used as commonly as you might
expect is the lack of hardware drivers. Drivers need to be modified to work in
64-bit Windows, and most manufacturers have yet to do so. It’s kind of a
chicken and egg situation: manufacturers would do it if more people ran 64-bit
windows, but more people would run 64-bit Windows only if drivers were already
So this brings us to our first explanation of why 64-bit Windows might, for
now, be slightly more secure: some, though not all, types of Viruses and
spyware implicitly depend on 32-bit Windows and will fail on 64-bit Windows.
Like the drivers, virus writers need to “upgrade” their viruses for the new
Now, I say all that reluctantly, and use the words “slightly more
secure” for two reasons:
Many viruses and spyware are not dependant on the platform.
Meaning they’ll work just as well in the 32-bit world as they would in the
64-bit world. 64-bit Windows is just as vulnerable as 32-bit Windows to these
If 64-bit does become as successful as 32-bit is today, the virus and
spyware writers are sure to follow. If you build it, they will come.
So, in summary, I certainly wouldn’t choose a 64-bit machine over a 32-bit
machine for security purposes. There may be other reasons to choose one over
the other, but in my opinion inherent security isn’t one of them.
So, that was the apples, now what about the oranges?
When banks or other firms talk about 128 bits it’s really something else
They’re talking about how big a number is used to encrypt the data that’s
traveling between your computer and theirs. The larger the encryption key, the
harder it is to crack or decrypt the encrypted data without knowing the
As we mentioned above, a 64-bit number can be as large as
18,446,744,073,709,551,615. In early forms of wireless encryption, a 64-bit
number was commonly used as the encryption key. Unfortunately computers have
become powerful enough that it’s become fairly easy to crack 64-bit
Today 128 bits (which for the record can be as large as
340,282,366,920,938,463,463,374,607,431,768,211,455) is the currently accepted
minimum size for encryption keys to be considered secure. 256 bits is becoming
more common, and for other security applications 1024 and 2048 bit keys are
considered current state-of-the-art when used with the appropriate encryption
But none of that has anything to do with the 32/64-bit question relating to
your computer. Even my old 8 bit computer could handle computing 2048 bit
encryption keys … given enough time.
The bottom line is that the best and basic steps for your security are the
same no matter what platform you’re running. Check out my recommendations in
Internet Safety: How do I keep my computer safe on the internet?