Over time, I have tried different schemes for the temporary copy, like using an encrypted volume that will be unmounted or even destroyed after the edit, or a memory-based filesystem, but you need a careful setup and also have encrypted swap for good measure. You need to decrypt to a file in a temporary place while you edit it, then encrypt the modified version you write out so it is exposed somewhere in the filesystem while you edit it, and when you delete the cleartext copy the data stays on disk. Your scheme is actually a home-made password manager, why not use a real proven vi(m)/gpg was a schema I had used before for some stuff, but it is quite tricky not to leave unencrypted copies somewhere. The contents of a spreadsheet may land in various places like temporary backups, scratchpad, clipboard, swap etc. J5:11 using encrypted spreadsheet might be not very secure, the office apps are not scrutinized as well as password managers with regard to how they handle data. [I’m a technical person (and informed about security threats and when to do upgrades), so “cloud” for me is to my personal server, but most people must rely on “the clouds”. Note: using a single computer is also not safe, one often forgets backups, so being digitally locked out, and I will not cross the border with a computer with a lot of credentials. also at work, if the site may be relevant). I would like to share it on all my computers (and ev. I like to register (and maybe pay a subscription not to have ads). And I could not afford to connect to airport WiFi (terrible security, and ToS) to get my check-in data. But also many online news sites. We all know that with booking code, one could cancel flight and get the very small refunds (at minima, the taxes and fees), but anyway I want the part I control to have a stronger password. These are important data, but also not stored (by airlines) securely.
I need them on work computers (work travels), but also on my personal computer and phone (for booking and check-in details). Especially for hotels, I do not trust their security. I will never remember all passwords, and I’ll not reuse them. I need to manage a lot of airlines and hotels. For sure I do not store email and bank credentials on the cloud, but. J3:12 It is handy, instead of remembering many website passwords. I don’t think either of those is a killer, just things to be aware of. This is an advantage of a well-designed password manager: it should keep itself locked down when not in use. Depending on the details of the FDE setup, your password file is decrypted/accessible while you’re not using it (just something else on the same disk/partition). You might want to encrypt that spreadsheet and send it to your mom, or your old college buddy, or whatever. Maybe you don’t trust Dropbox or Gmail or my dad, but since all they have is an encrypted file I’m not too worried.) Ask yourself what happens if your house burns to the ground, or gets hit by lightning, or every drive on the premises gets destroyed in some other way. With a password manager, I have a single high-value file that is separately encrypted, which I can then take extra care in backing up (so, for instance, I email it to myself and a relative occasionally and keep a current version on Dropbox. I hope your backups are good, and offsite. There are two points of failure I can see that you’re more vulnerable to than I (a religious password manager user) am. 1. Now, if the spreadsheet is a better way for you to keep organized, that’s fine. The internet is just a gigantic collection platform, and if you want to have confidentiality about anything, you better do your homework–learn about encryption and air-gapping. I try to stay off the internet for anything personal. I always use multi-factor authentication.
I store them on paper in a book in obscured form (substitution), which would stop my little sister. I use a TRNG (true random number generator) to make my passphrases, using all the characters possible, and all of them are very long. I never repeat passwords/phrases, nor do I repeat parts of them. I only store passwords for two sites, both of which have no important info of mine on them. I would not store anything on the cloud that needs to be kept confidential–that is, unless you are an expert. The whole concept of cloud storage is utter madness to me, from a security perspective. I like it when he shares what he does for the security of his own info. Schneier makes measured, thoughtful recommendations, and it is always good to hear what an expert does for himself or herself in things having to do with information security.