[Cryptography] Low-tech password safe was: Passwords (Smallest feasible work factor today?)

Ralf Senderek crypto at senderek.ie
Thu Sep 15 04:05:26 EDT 2022



On Wed, 14 Sep 2022, Ray Dillinger wrote:

>
> On 9/14/22 01:26, Ralf Senderek wrote:
>>  But if you recommend this as a better password manager its security
>>  vanishes when being used.
>> 
> Couldn't I use exactly the same argument to say that the security of an 
> electronic password manager vanishes when being used?

Of course you can. But the point is that the electronic one is not less
secure than the low tech because at some time the stored passwords are
being used and that is where the risk lies.

>
> And couldn't I state truthfully that an electronic password manager, as far 
> as the user is actually able to tell or check, is potentially subject to 
> electronic leaking at any time while the user *can* tell and check that 
> passwords kept in the lockbox are not?
>
> Seriously, if your key manager were *BROADCASTING YOUR KEYS ON WIFI* it would 
> look exactly the same to your poor mortal senses.

No, "my key manager" is likely not to broadcast. In Ireland the revenue
commission forces every citizen to use an X.509 cert to log into their
online service in order to manage their tax affairs. The corresponding
private RSA key is protected with a user-generated passphrase and stored
in a p12 file. This passphrase is an ideal candidate for your special
password in the metal box.

I need this password once a year so I store it in a Unix-like OS in a
file encrypted with Cryptlib's AES mechanism owned by root with
minimal access permissions.

Once I decrypt this file and enter the password to perform the login
at ROS, the password is exposed to risks that matter.
I don't see any risk that my method of password safe is in any sense
liable to broadcasting the content.


> Why do you trust that it's 
> not?  Can you list all the human beings you had to trust in order to reach 
> that conclusion, and the reasons why you trust each one of them?


Yes, I trust Unix permissions to work here (and this belief is based
on 30 years of experience) and I trust Cryptlib to do what it is supposed
to do, and I seriously do not think that storing the password in this
way is the most severe risk to it. Nor do I think that the low tech
would add any security to its storage.


> If you genuinely don't care that your password management device may leak, 
> you may as well tattoo your passwords on your forehead.

As you may see by now, I care about password management a lot, and maybe
we can hammer out the best way of password management using the expertise
of this list.

      --ralf
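The storage scheme described in the reply above (an encrypted passphrase file owned by root with minimal access permissions) can be audited mechanically. The following is an added example, not code from the post or from Cryptlib: it checks the filesystem half of that scheme (ownership, mode bits, symlink status, and a parent directory that others cannot write into). The encryption layer is assumed to be handled separately, the `expected_uid` parameter and the policy it enforces are assumptions modelled on the post, and the file name and contents in the demo are constructed.

```python
"""Filesystem hygiene check for an at-rest secret file.

Added example, not from the mailing-list post. Audits the properties the
post describes for its encrypted passphrase file: owned by a chosen uid
(root in the post), no group/other access, and a safe parent directory.
The AES encryption of the contents (Cryptlib in the post) is assumed to
be done elsewhere; this only inspects the file holding the ciphertext.
"""
import os
import stat
import tempfile


def check_secret_file(path, expected_uid=0):
    """Return a list of findings; an empty list means the file meets the policy.

    Policy (assumed, modelled on the post): regular file, not a symlink,
    owned by expected_uid, mode with no group/other bits, and a parent
    directory that is not group/other writable (otherwise the file could
    be replaced or renamed from under the owner).
    """
    findings = []
    try:
        st = os.lstat(path)
    except FileNotFoundError:
        return ["missing: %s" % path]
    if stat.S_ISLNK(st.st_mode):
        findings.append("symlink: %s" % path)
        st = os.stat(path)  # inspect the target the link points at
    if not stat.S_ISREG(st.st_mode):
        findings.append("not a regular file: %s" % path)
    if st.st_uid != expected_uid:
        findings.append("owner uid %d != expected %d" % (st.st_uid, expected_uid))
    if st.st_mode & 0o077:
        findings.append("mode %04o grants group/other access"
                        % stat.S_IMODE(st.st_mode))
    parent = os.path.dirname(os.path.abspath(path))
    pst = os.stat(parent)
    if pst.st_mode & 0o022:
        findings.append("parent dir %s is group/other writable" % parent)
    return findings


def demo():
    """Constructed demo: the same file audited with loose, then tight, mode.

    Uses the current uid as the expected owner so it runs unprivileged;
    in the post's setup expected_uid would be 0 (root).
    """
    d = tempfile.mkdtemp()          # created 0o700 by mkdtemp
    os.chmod(d, 0o700)
    p = os.path.join(d, "ros.passphrase.enc")  # constructed file name
    with open(p, "wb") as f:
        f.write(b"<ciphertext placeholder, constructed>")
    os.chmod(p, 0o644)
    loose = check_secret_file(p, expected_uid=os.getuid())
    os.chmod(p, 0o600)
    tight = check_secret_file(p, expected_uid=os.getuid())
    return {"loose": loose, "tight": tight}


if __name__ == "__main__":
    for label, findings in demo().items():
        print(label, findings or "ok")
```

Run it as the owner of the file; on the post's setup you would call `check_secret_file("/path/to/file", expected_uid=0)` from a periodic job so that a drift in ownership or mode is noticed before the once-a-year decrypt rather than during it.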

