[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Secure Password Storage

Ok, so I know that using key based authentication is better, and that
you should never write down passwords. But, I don't know of any websites
that allow key based authentication (yet) and 135+ passwords is hard to
memorize. :-)

So, my next thought was removeable media. But, what happens if I lose
the removeable media (falls out of my pocket, gets stolen, etc.), or a
'friend' snoops files they shouldn't?

I could encrypt them using ssh, but now I have to carry a second
removeable media with me at all times - for my ssh key - and hope I
don't lose both pieces of media at the same time. If I don't carry my
ssh key with me, I've just lost the functionality of always having my
passwords with me. I could do a password protected zip file, but that
seems pretty weak to me. 

I also don't have a laptop, so I realize that presents a whole new set
of complications and ways for privacy/security to be compromised in
regard to my passwords and keyloggers, etc. 

So, does anyone have any other suggestions for good ways to store
passwords in a fashion I can carry with me yet keep them secure? I'm
pretty much resigned to the fact that anyone that *really* wants to get
the passwords can, if they have the removeable media and enough time,
but I don't want to make it any easier on them than I have to.

Any suggestions would be appreciated.


Reply to: