Let's assume that I have to store the password on a material medium (paper, etc.). What is the most secure way to do that? I mean a way of storing the password that does not need any electronic tools for extraction of the password.
- What do you mean by "secure"? Do you mean confidentiality? Integrity? Or what? – forest Jul 15 '18 at 13:10
- You do not ever NEED to store a password on paper. – Aron Jul 15 '18 at 16:19
- @Aaron sure you do, to increase the bus factor, as access to a heritage, for people who don't trust their own memory, etc. etc. – J.A.K. Jul 15 '18 at 16:48
- Put it in a really good safe. – zaph Jul 16 '18 at 12:58
5 Answers
How about writing it on good stock paper using a pigment ink pen so it does not fade (within a few decades).
But write only two thirds of it on one sheet, another 2/3 on another sheet, and the last 2/3 on a third piece, and give them to three (trusted, obviously) friends - that way, any one of them doesn't have your password, but any two of them together do.
E.g. Jim gets APPLxx, Joe gets xxPLES, and Jack gets APxxES. Any two of them will be able to reconstruct APPLES; alone they would be guessing.
I would use the Vernam cipher. My steps would be:
- Choosing a long sentence that I always remember (example: a part of my favorite song)
- Encrypt my password using the Vernam cipher with my sentence as the key. (There is an online generator for it: https://www.dcode.fr/vernam-cipher, but you can still encrypt your cipher on paper without using anything electronic.)
- Write the ciphertext on the paper.
- When I need to read my password, I can decrypt it with my key using a simple piece of paper again.
One problem with my idea is that the length of your cipher key must be equal to the length of your password. In addition, the calculation can take some time on paper. Note that you need to destroy the paper on which you did your encryption/decryption so that nobody can find it in your trash or somewhere.
If you can, you can store your key in a secure place. Then you will not need to remember the key. In this case, you can make your key random.
However, the Vernam cipher is described as an unbreakable cryptosystem. So I would use it if I needed to keep my password very secure in an environment where I cannot store my paper secretly. Reference: Cryptology and Data Secrecy: The Vernam Cipher.
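The pencil-and-paper procedure from the Vernam answer above, written out as an added example that is not part of the original answers. It assumes an A-Z password and letter addition mod 26; the function names and the key phrase are constructed for illustration. `key_for` shows that a ciphertext on its own is consistent with every password of the same length, which is the property the cipher offers only when the key is random and never reused.

```python
import string

ALPHABET = string.ascii_uppercase  # assumption: the password uses only A-Z


def _combine(text, key_phrase, sign):
    """Add (sign=+1) or subtract (sign=-1) key letters from text letters, mod 26."""
    if not (text.isascii() and text.isalpha()):
        raise ValueError("text must contain only the letters A-Z")
    # Spaces and punctuation in a memorised phrase carry no key material.
    key = [c for c in key_phrase.upper() if c in ALPHABET]
    if len(key) < len(text):
        raise ValueError("key needs at least one letter per password letter")
    # zip() stops at the end of the text, so only the first len(text) key
    # letters are used (assumption: the rest of the phrase is ignored).
    return "".join(
        ALPHABET[(ALPHABET.index(t) + sign * ALPHABET.index(k)) % 26]
        for t, k in zip(text.upper(), key)
    )


def encrypt(password, key_phrase):
    return _combine(password, key_phrase, +1)


def decrypt(ciphertext, key_phrase):
    return _combine(ciphertext, key_phrase, -1)


def key_for(ciphertext, candidate):
    """Return the key under which `ciphertext` decrypts to `candidate`."""
    if len(candidate) != len(ciphertext):
        raise ValueError("candidate must be as long as the ciphertext")
    return _combine(ciphertext, candidate, -1)


if __name__ == "__main__":
    phrase = "the quick brown fox"   # constructed sample key phrase
    ct = encrypt("APPLES", phrase)   # sample password taken from the first answer
    print(ct, decrypt(ct, phrase))
    other = key_for(ct, "BANANA")    # a different key explains the same paper
    print(other, decrypt(ct, other))
```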
Why write it down at all? Choose a book you can find in many bookstores, select a chapter and use the first twenty words or so. You will not need to carry/keep/safeguard the physical medium. Only remember the title and chapter, and buy the book when you are safe again.
- This does not work for a lot of applications, like people who doubt their own memory or want to make sure trusted people have access after their death. Also, this counterquestion is better suited as a comment, not an answer. – J.A.K. Jul 15 '18 at 18:32
- There are multiple solutions for confidentiality, availability, reliability, etc. The connotation of ‘the most secure way’ depends on context, there is not enough of that in the question to assess the best option. My solution works if your house is raided/burnt, or if your luggage is stolen. – bbaassssiiee Jul 15 '18 at 20:41
- The connotation doesn't matter if your solution is not writing it down at all, just remembering another password. Then you're back where you left off for _any_ reason you want it written down. – J.A.K. Jul 15 '18 at 22:37
Probably using a keyed hash. You write down all your passwords on paper EXCEPT for a secret password you just have to remember. Then whenever you need to enter your password you feed it through a keyed hash function to get the actual password. You just have to pick a hash function you can do in your head. Or just pick some other "derivation scheme". The keyed hash function approach works great if you at least have a smartphone available or a computer where you can compute the hash. But if you have absolutely no electronics available... a "derivation scheme" is probably much simpler.
But this is pretty much the only feasible way I can think of. I.e. you write ABCD as a password but your secret scheme is +1,+2,-1,+1,+2,+2,+2,+2 which turns ABCD into BDBECDEF. Not that I recommend doing this, but if I had to, I'd do it like that.
- If writing down the password was to give it to someone else (bus factor), how would this work? – J.A.K. Jul 15 '18 at 15:10
- It obviously wouldn't. But that wasn't part of the question... so it's not part of the answer. – mroman Jul 15 '18 at 19:25
I guess the most secure paper password is the launch codes for nuclear missiles on submarines:
- On a nuclear submarine hidden in the ocean.
- Locked in a safe that only the captain and first officer have access to.
- Only opened when required to launch nuclear weapons.
In other words, you need to define your budget and threat before you can decide the most appropriate way to secure offline passwords.