[Cryptography] Passwords (Smallest feasible work factor today?)

Peter Todd pete at petertodd.org
Wed Sep 14 08:09:17 EDT 2022


On Tue, Sep 13, 2022 at 11:41:00AM -0700, Ron Garret wrote:
> Personally, I keep my valuable secrets in an AES-encrypted file which is protected by one master password that I don’t use for anything else.  That password is written down in case I forget it, but no one except me would recognize it.  The encrypted file is also not very prominent.  A little bit of obscurity and a little bit of entropy stored in your brain and backed up with some strategically placed post-it notes can go a very long way.

Be careful with these kinds of approaches: your brain's ability to forget
passwords also applies to your brain's ability to forget obscure procedures to
recover passwords.

If you're using a master password scheme like this, make sure you're actually
using that master password regularly enough that you're sure you have it
remembered. Equally, make sure you've verified your backups regularly enough to
make sure you remember how those post-it notes actually work.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org