[Discuss] deadmanish login?
Kent Borg
kentborg at borg.org
Sat Feb 4 12:25:36 EST 2017
On 02/04/2017 09:31 AM, Bill Horne wrote:
> Readers please state your preferences for Keepass, Password Safe, or other programs/methods for storing passwords.
You knew I would have something to say...
I would recommend security over convenience. For example, I recently saw
that someone is forking Keepass because they want to add more convenience
features, I think it was auto-fill of passwords in web pages. I think
this is a bad idea. Recently there was news of web pages tricking
browser auto-fill features into submitting credit card numbers in hidden
fields. Moral? Avoid inherently dangerous auto-features. The less automation
the better, the less delegating of responsibility the better. I don't trust
computers.
For software? Commercial products and software are scary, even when they
are fully buzz-word compliant. Because who knows what you are buying?
And the sellers are selling whatever it takes to get you to part with
money, not necessarily the best security design and implementation. Open
source isn't guaranteed to be perfect, but at least there is more hope.
Also, if there is a program that has compatible versions and ports
that's a good sign...it means more eyes have looked at it.
For software, worry about the environment in which it will run. Is there
Microsoft and Adobe software, games, Skype,
this-really-cool-program-you-found, also running on the same machine
running as the same user as the password software? Scary. Run any
password software in as bare and conservative an environment as you can.
Want to run a compatible password program on your phone? Oh, scary!
Phones are a wild, wild frontier of new software and new attacks. Maybe
buy the smallest dirt-cheap Android phone you can find specifically for
running password software--and nothing else. Don't let it on the
internet at all, don't put a SIM card in it, and you are pretty safe.
The passphrase you use to protect your master collection of all the
passwords in your life...should be pretty damn good. And that isn't very
practical. So keep even your encrypted copies very tightly controlled,
run extra layers of encryption: Run an encrypted file system on your
computer. Encrypt the data on the dedicated-use Android you get. And
still worry over it.
And do backups. But how are you protecting the backups? Are they
encrypted? How? Why should you trust it?
All very scary. To the extent you use computers and delegate
responsibility to those computers you are at risk from software attacks.
And unless you can completely air-gap them (hard to do, ask the
Iranians) you are at risk of being attacked by anyone, anywhere in the
world.
Maybe go manual...
Most people should write down their passwords on paper, by hand.
Obfuscate them so they aren't obviously useful to someone who might find
them. Maintain another handwritten backup. Do everything manually (NO
modern technology, no photocopies even, unless you have an ancient
analog copier) and you are pretty much bullet-proof secure from a
software breach of your system. And keep your lists separate and secure,
they are important.
-kb