[Cryptography] Best Practices for Passwords

Phillip Hallam-Baker phill at hallambaker.com
Tue Feb 3 13:43:23 EST 2015


Best practice: Allow the user to get rid of them wherever possible.

For example, right now I am seriously considering changing my hosting
provider from 1and1 because they only offer password-based SFTP for upload
to a Windows host. This in turn means that I can't use scripts to upload
work without either hard-coding the password into the script (eek!) or
having to enter it every damn time.

How should this work?


1) I create a public keypair such that the private key is registered to the
machine, cannot leave the machine and can only be accessed by a signed
script that has a specific authorization to do so.

2) I register the public key identifier with the hosting provider as being
permitted to upload to that account.


Now I can add in my strong account names to simplify the process but they
are merely a bit of syntactic sugar to combine an account name and a key
fingerprint so I can do cut and paste.

What I think I will do instead is:

1) Create the public key pair, mark this non-exportable.

2) Generate a random password that I register with the hosting provider

3) Encrypt the random password under the public key and write it to a file.

4) Write a utility that pulls the random password from the file and uses it
for SFTP login.


The more stupidity people pile on password restrictions, the more likely it
is I have to write the password down. Because chances are, your digital
assets really are not at all valuable to me.
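
Steps 1 to 4 of the workaround above, sketched in PowerShell as an added example (not part of the original message). It assumes the uploading machine runs Windows PowerShell 5 or later with the PKI module and the CMS cmdlets; the certificate subject and the file path are hypothetical names.

```powershell
# Added sketch, not the author's utility. Subject and path are hypothetical.
$ErrorActionPreference = 'Stop'
$subject    = 'CN=sftp-upload-secret'
$secretFile = Join-Path $env:LOCALAPPDATA 'sftp-upload.cms'

# Step 1: key pair in the current user's store, private key marked
# non-exportable so it cannot be copied off the machine through the store APIs.
$cert = New-SelfSignedCertificate -Subject $subject `
    -Type DocumentEncryptionCert `
    -KeyUsage KeyEncipherment, DataEncipherment `
    -KeyExportPolicy NonExportable `
    -CertStoreLocation Cert:\CurrentUser\My

# Step 2: 256 bits from the system CSPRNG, base64-encoded so it can be pasted
# into the provider's password form once (that registration is manual).
$bytes = New-Object byte[] 32
$rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
try { $rng.GetBytes($bytes) } finally { $rng.Dispose() }
$password = [Convert]::ToBase64String($bytes)

# Step 3: encrypt the password to the certificate's public key (CMS envelope)
# and write only the ciphertext to disk.
Protect-CmsMessage -To $cert -Content $password -OutFile $secretFile

# Step 4: the upload utility recovers the password at run time. Decryption
# succeeds only where the matching private key is present in the store.
function Get-UploadPassword {
    param([Parameter(Mandatory)][string]$Path)
    Unprotect-CmsMessage -Path $Path
}

# Round-trip check before relying on the file in a scheduled upload.
if ((Get-UploadPassword -Path $secretFile) -cne $password) {
    throw 'Decrypted password does not match the generated one.'
}

# The plaintext should only ever live in memory; clear the working copies.
[Array]::Clear($bytes, 0, $bytes.Length)
Remove-Variable password

# Caveat: non-exportable prevents copying the key, not using it. Any process
# running as this user can still call Unprotect-CmsMessage on the file.
```

The ciphertext file is useless if it is copied elsewhere, which is the property the hard-coded password lacks; restricting which script may use the key, as in the ideal design, still needs a separate control.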