<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<div class="moz-cite-prefix">On 9/8/22 18:17, Phillip Hallam-Baker
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAMm+LwhTRPin6WbUYUqZ=vKMhChEJWv0t0yCabzoKEFxu-etQQ@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div class="gmail_quote">
<div><br>
<div class="gmail_default" style="font-size:small">I have
over 500 stored passwords. What sort of cretin would
imagine that I would possibly remember 500 different ones?
Someone would have to be a special type of stupid with
extra stupid sauce to believe anyone could do that.</div>
</div>
</div>
</div>
</blockquote>
<br>
<p>I use a metal lockbox full of 3x5 cards as my password manager.
And when asked, I recommend it. The system architecture is
visible, verifiable, reliable, easy to understand and correctly
operate, hard to remotely subvert or hack, and easy to check with
absolute confidence for malware or spyware regardless of whether
you trust the hardware manufacturer. The security model does have
one big hole if someone else gets their hands on the box. But if
someone has to resort to in-person burglary to get at passwords -
meaning personal attention for an individual target - it's not
compatible with the economic model of most people who'd be after
most passwords. <br>
</p>
<p>But recently I've felt the need of better; probably paranoia on
my part but I'm working on something that really and truly can't
get out.<br>
</p>
<p>So for a few "special" passwords I invested the effort to make my
"too low tech to hack" approach one level harder, closing the
"somebody gets their hands on it" hole fairly tight. The passwords
stored on my 3x5 cards in the metal lockbox for these "special"
passwords are plaintext that I pass through a pencil-and-paper
encryption to get the actual password. And there are a few
ordinary things I carry with me which I use in combination as the
key to that pencil-and-paper cipher. But nobody looking through
my stuff would ever see a key there, nor know how to combine these
objects to make the key, nor know how to use it as a key.<br>
</p>
<p>So for most passwords, there's an annoying fifteen-second
lookup. For the "special" ones there's a fifteen-second lookup
plus about a minute and a half of hand encrypting to work out the
real password. <br>
</p>
<p>This is annoying and high-effort compared to the neat package
most hardware password managers present. But the electronic
password manager does not exist whose every hardware component is
made by people whom I implicitly trust or whose every circuit
trace can be visually checked at any time to make sure that it's
exactly what it ought to be. Nor does the electronic password
manager exist whose every line of code is guaranteed not to be
exploitable. <br>
</p>
<p>Seriously. If you want password security, consider the metal box
with a lock. It has virtues hard to match on most electronic
platforms. <br>
</p>
<p> Bear</p>
</body>
</html>