I can employ all the fancy encryption and the randomest of passwords to my hard drive, but it won't do me any good if I don't remember how to log in. It seems sensible to write down my password, then. Should I? If so, how? I'm not talking about password management software, I'm talking about being able to log on and use said software in the first place. Note that I am fallible, and it is thus entirely possible that I lose the paper I wrote my password on.
- Don't use a password for your password manager, use a key file and keep it on USB. – cremefraiche Feb 14 '16 at 08:44
- And if I lose said USB? – JesseTG Feb 14 '16 at 18:00
- Keep a backup USB in a safe deposit box. Or better yet, create a cron job that backs up the keyfile to a remote private server every time you plug it in. Set your DB for incremental backups as well and you have full redundancy. – cremefraiche Feb 14 '16 at 19:30
- And now I have to secure that server! – JesseTG Feb 14 '16 at 19:57
- So? Pretty insanely easy if you're using something like Amazon EC2. Three clicks and you are the only IP that can access it. If you're complaining about having to secure things then I don't know what you are doing here. – cremefraiche Feb 14 '16 at 20:27
- Really, now? Huh. – JesseTG Feb 14 '16 at 21:05
- Even if it wasn't a cloud server with an easy-to-use GUI console, being able to harden a backup server is a good skill to have. [PKA **only**](http://the.earth.li/~sgtatham/putty/0.55/htmldoc/Chapter8.html) and [firewall rules](http://www.thegeekstuff.com/2011/02/iptables-add-rule/) would be a solid start. – cremefraiche Feb 14 '16 at 21:22
5 Answers
You need to take your threat model into account. Will people literally destroy a house to get your backup password? Will anybody even look for it?
You also need to take into account how likely you are to forget the password, and what kind of information will be available to an attacker that recovers it.
Assuming that you are not under a severe threat, simply writing it down and storing it in a fairly secure and nondescript hiding place will do. Place it in a book, tape it underneath your sock drawer, etc.
If there will be people actively looking for it, you may need to take more spycrafty (is that a word?) steps, such as laminating it and burying it in the ground, placing it in the freezer inside a piece of frozen fish, spackling it into a wall and painting over it, placing it inside a pen, etc.
You can also take several random values, xor them together, and use that as a key to encrypt it. Keep the encrypted copy in the open, then store the random keys in different locations, so that all will be required to regenerate the key and unlock the password. This may be a more secure method regardless of how the distributed secrets are hidden, because it will increase the work of someone looking for it, especially if they do not know how many secrets are required to regenerate the key.
If the information is very sensitive, you should increase the security level even if the threat is low. Required security = threat level * damage from exposure, in this case.
- +1 for mentioning threat level. For most people, locking passwords in bank safes is far more effort than their passwords are worth. – Jenny D Feb 14 '16 at 13:14
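The "XOR several random values together and use the result as the key" scheme from the answer above, written out as an added example (this is not code from the answer's author). Every share is drawn from a CSPRNG, so their XOR is a uniformly random one-time pad; the ciphertext can sit in the open and each share goes to a different hiding place. The fixed 64-byte block, the length-prefix padding and the grouped-hex paper encoding are my additions to the scheme, chosen so the written copy does not leak the password length and is easy to transcribe by hand.

```python
import secrets

# Fixed ciphertext size so the copy kept in the open does not reveal the
# password length (an addition to the scheme described in the answer).
BLOCK_SIZE = 64  # bytes; holds passwords of up to BLOCK_SIZE - 1 bytes of UTF-8


def xor_bytes(*parts: bytes) -> bytes:
    """XOR any number of equal-length byte strings together."""
    if not parts:
        raise ValueError("need at least one part")
    length = len(parts[0])
    if any(len(p) != length for p in parts):
        raise ValueError("all parts must have the same length")
    out = bytearray(length)
    for part in parts:
        for i, b in enumerate(part):
            out[i] ^= b
    return bytes(out)


def _pad(password: str) -> bytes:
    """Length-prefix the password and fill the rest of the block with random bytes."""
    raw = password.encode("utf-8")
    if not 1 <= len(raw) <= BLOCK_SIZE - 1:
        raise ValueError(f"password must be 1..{BLOCK_SIZE - 1} bytes of UTF-8")
    return bytes([len(raw)]) + raw + secrets.token_bytes(BLOCK_SIZE - 1 - len(raw))


def split_password(password: str, n_shares: int) -> tuple[bytes, list[bytes]]:
    """Return (ciphertext, shares).

    Each share is uniformly random, so the key (their XOR) is too, and the
    ciphertext is a one-time pad of the padded password. All n shares plus the
    ciphertext are needed to recover it; any n-1 shares reveal nothing.
    """
    if n_shares < 2:
        raise ValueError("use at least two shares")
    shares = [secrets.token_bytes(BLOCK_SIZE) for _ in range(n_shares)]
    key = xor_bytes(*shares)
    return xor_bytes(_pad(password), key), shares


def recover_password(ciphertext: bytes, shares: list[bytes]) -> str:
    """Rebuild the key from all shares and strip the padding.

    With a share missing the result is random garbage rather than an error:
    XOR gives no integrity check, so verify the recovered password by using it.
    """
    plain = xor_bytes(ciphertext, xor_bytes(*shares))
    length = plain[0]
    return plain[1:1 + length].decode("utf-8", errors="replace")


def to_paper(data: bytes) -> str:
    """Hex in groups of four characters: easier to copy by hand and to proofread."""
    hexed = data.hex()
    return " ".join(hexed[i:i + 4] for i in range(0, len(hexed), 4))


def from_paper(text: str) -> bytes:
    """Inverse of to_paper; tolerates any whitespace and upper-case hex."""
    return bytes.fromhex("".join(text.split()))


if __name__ == "__main__":
    # Constructed demo password, not a real credential.
    ct, parts = split_password("correct horse battery staple", 3)
    print("keep in the open:", to_paper(ct))
    for i, share in enumerate(parts, 1):
        print(f"hiding place {i}:  ", to_paper(share))
    recovered = recover_password(from_paper(to_paper(ct)),
                                 [from_paper(to_paper(s)) for s in parts])
    print("recovered:", recovered)
```

Because the key is a one-time pad, the ciphertext alone and any proper subset of the shares are statistically independent of the password; the work for a searcher is finding every hiding place, which is the property the answer is after. The scheme has no integrity protection, so a wrong or corrupted share simply decrypts to garbage; keep a second full set if you worry about a single damaged slip of paper.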
You should store it in a sealed envelope, in a locked box, in a safe deposit box, as long as you're not concerned about either bank authorities or local law enforcement (particularly when traveling abroad).
Alternately, have one, or ideally two or more, KeePass databases (make sure to use the 1 second delay iteration count increase under Database Settings, Security, and then increase it) and/or hardware-encrypted drives stored in safe deposit boxes.
Then write down the KeePass password, which is ONLY used for the KeePass databases in the safe deposit boxes, and is long (20+ characters) and generated by KeePass, and either give that password to a trusted friend who DOES NOT have access to the safe deposit boxes, or store it in a different institution's safe deposit box.
Then, to get your passwords, at least two institutions/people need to be compromised.
I would say it depends on how frequently you need to read the password and how important and sensitive knowledge about your password is.
If you need to access it frequently and it is moderately sensitive, you could write it on a piece of paper that you put into your wallet. Assuming that you care about not losing your wallet with credit cards and cash, you are less likely to lose the piece of paper. As you will likely not let anybody take your wallet easily nor take a look inside, and you always carry it on your body, it is quite a good place to put it. This is also a good place in case your house is burning or has severe water damage, which would destroy documents (assuming you are not in your house and have your wallet). The problem, actually, is that you might get robbed or really lose your wallet if you are not careful. Thus you should always have at least a second copy.
The second copy (and additional copies) or infrequently accessed passwords could be stored in a self-storage unit or, if you need more security, in a safe deposit box at a bank. Depending on how paranoid you are, you could use some anti-tamper methods (sealed box) and/or use steganography (invisible ink, hide the password in text).
For stronger security you would encrypt the passwords and store the key in a safe place, like a hardware token. The problem with this is availability and possibly also security. You have a big problem if you lose it, and if you are arrested or robbed another person could take that hardware token. Redundancy would be necessary.
I would try to use passwords which are easy to remember and have enough length (as per Randall Munroe's proposal). To make the password harder to guess and to share by spelling or writing it down on paper, use upper case or special characters which are on the keyboard in place of regular characters. E.g. `password123` can be `PassWord!2#`. Remember only the first string and where Shift should be used.
- This is terrible advice. Using any common prefix or postfix like '123' with a dictionary word, even in any variation of leetspeak, is highly susceptible to rules-based password attacks. It would take a skilled adversary at _most_ **seconds** longer to crack `PassWord!2#` than it would to crack `password123`. – cremefraiche Feb 14 '16 at 20:40
- It is an example. A real password might have a different combination of words and numbers. – Pawel Feb 14 '16 at 20:45
- The XKCD comic you reference, however, on its own gives relatively sufficient password quality, depending on the size of the dictionary of words you pick from and the number of words you use. See [this answer](http://security.stackexchange.com/questions/111967/does-eliminating-the-possibility-of-repeat-words-make-diceware-passwords-signifi/111972#111972) to see the strength of a similar password creation system, Diceware. – cremefraiche Feb 14 '16 at 20:47
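To make the comparison in the comments above concrete, here is an added example (not code from the answer or the commenters) that generates a Diceware-style passphrase with a CSPRNG and computes the entropy of both schemes. The word list is a constructed 16-word sample standing in for a real 7776-word Diceware list; the entropy functions take the list size as a parameter, so the figures for a real list are computed from its true size. The "shifted dictionary word plus suffix" search-space model is my own assumption about how such a password would be guessed, not a measurement.

```python
import math
import secrets

# Constructed sample word list. A real Diceware list has 7776 (6^5) words;
# this short one only demonstrates the selection step.
SAMPLE_WORDS = [
    "apple", "bridge", "candle", "dragon", "ember", "forest", "glacier", "harbor",
    "island", "jungle", "kettle", "lantern", "meadow", "nectar", "orchid", "pebble",
]
DICEWARE_LIST_SIZE = 7776


def generate_passphrase(words: list[str], n_words: int) -> str:
    """Pick n_words uniformly at random, with replacement, from a CSPRNG.

    Drawing with replacement keeps every choice independent, which is what the
    entropy formula below assumes (the linked answer discusses the no-repeat variant).
    """
    if n_words < 1 or not words:
        raise ValueError("need a non-empty word list and at least one word")
    return " ".join(secrets.choice(words) for _ in range(n_words))


def passphrase_entropy_bits(list_size: int, n_words: int) -> float:
    """Entropy of a uniformly drawn passphrase: n_words * log2(list_size)."""
    return n_words * math.log2(list_size)


def words_needed(list_size: int, target_bits: float) -> int:
    """Smallest number of words whose entropy reaches target_bits."""
    return math.ceil(target_bits / math.log2(list_size))


def mangled_word_search_bits(dict_size: int, word_len: int, suffix_variants: int) -> float:
    """Assumed upper bound on the guessing work for 'dictionary word, some
    characters shifted, short suffix': every dictionary word, times every
    on/off shift mask over its characters (2^word_len), times every common
    suffix. Real guessers try likely masks first, so the true cost is lower."""
    return math.log2(dict_size) + word_len + math.log2(suffix_variants)


if __name__ == "__main__":
    phrase = generate_passphrase(SAMPLE_WORDS, 6)
    print("sample passphrase:", phrase)
    print("entropy with this 16-word list: %.1f bits"
          % passphrase_entropy_bits(len(SAMPLE_WORDS), 6))
    print("5 words from a 7776-word list:  %.1f bits"
          % passphrase_entropy_bits(DICEWARE_LIST_SIZE, 5))
    print("words for 80 bits from that list:", words_needed(DICEWARE_LIST_SIZE, 80))
    print("shifted 8-letter word + suffix (assumed model): %.1f bits"
          % mangled_word_search_bits(100_000, 8, 1000))
```

Five words from a real Diceware list come to about 64.6 bits, and the model of an 8-letter dictionary word with an arbitrary shift mask and one of a thousand suffixes stays under 35 bits even before a guesser exploits which masks people actually use; the gap is the point the commenter is making. The word count, not clever character substitution, is what moves the number.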
Write it on a piece of paper with other gibberish words and stick it in your wallet. If you lose your wallet, probably unlikely, and someone finds it...and they are actually interested in hacking you...and they have your LID (of course a GF or wife may have this and access to the wallet) they will have to figure out which is your password. On top of that if you mix in some oddball variable letters that aren't actually part of your password on the password(s) on that paper they probably won't decipher it/them. The LIDs are the half of password protection that people tend to forget about. If no one else knows your logonID the password does them no good anyway.
You can also do a similar thing with an electronic file. Mix your password(s) into a text file that someone would glance at and think is a normal irrelevant text file. Create a meme GIF or JPG with your password mixed into some text somewhere in the image on it (like fake swearing - @#$%w7*!!). Another option is to memorize 5 or 6 decent passwords and use those across all your applications or systems. If you are required to update them periodically simply change one character in a consistent place each time (some password update requirements will not allow that but will require a wholly new password).
Hope this helps. Should be enough to deal with normal password hassles unless you are working on something that the Chinese govt or NSA are after...but at that point passwords really don't matter anyway do they?