Re: [dev] securiy guidance

From: Markus Teich <markus.teich_AT_stusta.mhn.de>
Date: Sun, 11 Mar 2018 05:19:46 +1100

Am 2018-03-11 04:21, schrieb Anselm Garbe:
> On 10 March 2018 at 06:08, Markus Teich <markus.teich_AT_stusta.mhn.de>
> wrote:
>> Should be fine, but the salt should not be secret (you need to sync it
>> between devices where you want to use this system after all). The
>> point is
>> that you can give your encrypted database as it is stored on disk to
>> anyone
>> and they would not be able to derive anything (you care about) from it
>> without the master password. Depending on what you care about, the
>> whole
> [..]
>
>> In the end the master password should be the only thing that needs to
>> be
>> kept
>> secret and you can easily "sync" that between devices by remembering
>> it. ;)
>
> I tried to grasp the overall suggestion, but how is that different to
> a single text stream of the format:
>
> user_AT_domain: password\n*
>
> being encrypted using your own PGP public key into a single file? Each
> time you want to know a username or password, you decrypt the file,
> look it up and are done with it.
>
> Are you concerned about portions becoming decrypted in memory on your
> local host?

Using a single file encrypted with gpg would certainly work too. You
just have
to be a bit more careful with the handling as you risk leaking the
complete file
instead of just a single password. For example the file needs some
structure
that you may want to enforce to some degree to make it usable for tools
like
selecting and pasting your password into login forms. In my experiment I
found
it easier to have one file per key (e.g. domain) and then use the first
line
as the canonical password while additional lines could be used for those
annoying
security questions some websites require or other related information.

--Markus
Received on Sat Mar 10 2018 - 19:19:46 CET

This archive was generated by hypermail 2.3.0 : Sat Mar 10 2018 - 19:24:21 CET