Re: Discussion about backup passwords for LUKS encrypted filesystems before revising wiki
On Tue, Dec 22, 2020 at 12:11:19PM -0500, rhkramer@gmail.com wrote:
>
> My point is this: I think creating and saving backup passwords is of minimal
> value.
Maybe to you as a single user. However, I have worked in places where
resources are protected by multiple passwords. For instance there was a
"normal" password given to the admins (or users, as the case may be) and
a backup password was kept locked in a safe. The backup password could
be used if there was some sort of emergency where for some reason those
who would normally have the password were not available. (Think
disaster recovery.)
Based on the content in the wiki it seems appropriate to inform the
reader of the presence of the ability to store multiple passwords which
can unlock an encrypted device.
> Far more important (but not mentioned) is making and keeping backup
> copies of your encrypted data (possibly not encrypted but stored in a bank
> vault ;-), yet that is not mentioned.
>
It probably is not mentioned since backups are not something which are
unique to encrypted devices. A general reminder would not be wrong or
bad, but it would seem out of place to me. I mean, we could also add
reminders to make sure the firewall is up to date, secured, and enabled
or to have SMART enabled and configured to send alerts if a HDD begins
to exhibit symptoms of a potential failure.
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: