Design, CG Graphics & Inspiration
Secure Storage of Passwords

Secure Storage of Passwords

Internet has firmly established its place in our daily lives. All of us, who cannot be referred to IT people, use a great variety of services ranging from mail and ending with social networks. Almost all services require registration. But for the personal safety one should use different passwords that consist of many characters. Well, many Internet users are unaware of the requirements for a secure password. But here is one small problem: how to remember all of your passwords?

Recently, I asked myself this question. Personally for me, it would be very tragic, if I’ll lose an account of my e-mail. So what shell I do? Should I write down all the passwords in a file? And what about the risk to give away all your accounts at once. Should I write them on a paper? But there is a certain threat of losing a piece of paper and, as a consequence, of all the passwords immediately.

Plus I got to thinking about the availability of the passwords anywhere on the globe. And then I remembered about my favorite emacs editor and in particular, the Org-mode and EasyPG in emacs. I’m not going to describe how to work in org-mode, it was already done before (Guide to Org-mode).

So what’s the trick? Everything is quite simple. Instead of filename.org file, you should create a filename.org.gpg file. Emacs will automatically open the file in the Org-mode. Then write down your password in this file, it’s better to use password generator (for example, I use a one-liner in bash):

$cat /dev/urandom | head -1 | tr -d -c 'a-zA-Z0-9[][email protected]#$%^&*()'|fold -w 25| head -1

and, of course, don’t forget to write some additional information on the login and password. And then just save the file. Emacs itself will offer options for action: to use asymmetric encryption key or click OK to symmetric encryption by password. It’s up to user’s choice, but I prefer to use a symmetrical, because one of the requirements is that you can access the file not only from your home computer, and I don’t like to carry a private key with me.

But here comes a new problem: you have to remember the password of the encrypted file. Again, we just can’t use a simple password for the file. Too much chances of losing it, especially if you always carry a copy of this file on a flash drive.

And once again we face the problem of storing passwords. But there is a way out. If we can’t remember the password, then we have to make sure that we can recover the password. And it’s very simple: we take a passage from any book, for example, one paragraph. Put this text into a text file. file.txt. And count the MD5 or SHA1 of the file.

$ echo "a passage from any book" > file.txt $ md5sum file.txt | fold -10 | head -1 95584f1920 $ rm file.txt

The result is a secure encrypted text file with strong passwords. You can copy this file on a flash drive and carry it with you or copy it to a remote machine you have access to from the network, providing access to the password anywhere in the world.

And if you suffer from forgetfulness, you can always recover the password from the file by making a little effort. A great plus is that Emax is cross-platform. And even with its absence, files. org represent a plaintext, so we can decrypt a file with the help of gpg utilities and open the it with any text editor. And finally, in this way you can keep any private information.

Of course, I’m not saying that this method is unique and correct. But for me, this method has proved very useful. I hope it will be useful not only for me. Protect your passwords.

  • wlan,
  • September 12, 2011

SHARE THIS POST

Subscribe for the hottest posts

Subscribe to our email newsletter for useful tips and freebies.