[Cryptography] Passwords (Smallest feasible work factor today?)

Wed Sep 14 10:53:59 EDT 2022

On Sep 14, 2022, at 5:09 AM, Peter Todd <pete at petertodd.org> wrote:

> On Tue, Sep 13, 2022 at 11:41:00AM -0700, Ron Garret wrote:
>> Personally, I keep my valuable secrets in an AES-encrypted file which is protected by one master password that I don’t use for anything else.  That password is written down in case I forget it, but no one except me would recognize it.  The encrypted file also not very prominent.  A little bit of obscurity and a little bit of entropy stored in your brain and backed up with some strategically placed post-it notes can go a very long way.
> 
> Be careful with these kinds of approaches: your brain's ability to forget
> passwords also applies to your brain's ability to forget obscure procedures to
> recover passwords.
> 
> If you're using a master password scheme like this, make sure you're actually
> using that master password regularly enough that you're sure you have it
> remembered. Equally, make sure you've verified your backups regularly enough to
> make sure you remember how those post-it notes actually work.

The post-it notes all contain the same information: the master password.  The only reason to have more than one is for redundancy.  They are also metaphorical.  I don’t have actual post-it notes.  The physical details of how the master password is backed up is an essential part of the security.  What matters is that *I* know where it is, but no burglar would ever even suspect that there was anything of value there even if they were looking right at it.  It’s analogous to having a key storage box shaped like a rock, except that there is no actual key inside to tell a burglar they’ve found the right rock.  Steganography is very effective in the real world, especially against an adversary that has no reason to suspect that you’re using it (indeed, probably doesn’t even know what steganography is!)

Also, one of the advantages of this approach is that it forces you to use the process and master password every time you need access to a secret so all this gets exercised regularly.  There is no need ever to change the master password.  The real reason for the physical backups is in case I am incapacitated.  Yes, backups of the encrypted secrets database are important, although most on-line services have procedures for recovering or resetting lost passwords, so losing the database is not necessarily catastrophic, just a colossal PITA.

rg