Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
rclone
"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files
One way to circumvent this is to use a strong passphrase to deterministically generate the PGP/SSH key [1] to unlock other passwords. The SSH key could grant access to a remote server with backups and the PGP key could decrypt passwords using pass [2].
1. https://github.com/skeeto/passphrase2pgp
2. https://www.passwordstore.org/
> the “thing you know” could also be at risk. I realize this the older I get.
Years ago, when I was in university, I had a couple of machines in my room running FreeBSD with full-disk encryption. These machines were powered on for a few months without reboots until one day when the power went out.
Having not typed in the password in months, and at the time using the kind of passwords consisting of long word with a lot of numeric and symbolic substitutions, I was unable to decrypt the disks of my machines.
I lost a fair bit of data that day, but it taught me a valuable lesson.
These days, any passwords that I use for full disk encryption I make sure to
1. Regularly use. Meaning I’ll reboot machines and retype the passwords on a regular basis. Likewise, I connect external encrypted disks on a regular basis and decrypt them with their passwords.
2. Use pass phrases with many words but without any numbers or special characters. See also https://github.com/ctsrc/Pgen
(For websites etc I use a password manager.)
Related posts
- S3 Client against disasters (hacks, fires, catastrophes)
- Ask HN: How do you do personal backups in 2023? (Google and Dropbox issues)
- Which synchronization tool are you using together with the pCloud Crypto Folder?
- Backup of Google Drive (and photos?) to local disk (not to Google Drive)
- Backuping Google Drive to a Raspberry Pi