password security by_khawar_6_sep_2014-1
DESCRIPTION
How to store the hundreds of passwords securely. Also how to make long passwords. How to make and remember the master password.TRANSCRIPT
How I solved my password problem
By : Khawar NehalApplied Technology Research Center
http://atrc.net.pkDubai Computer Services.
http://dubai-computer-services.comDate : 6 Sep 2014
Problem
Just like many other people, I have to have passwords.
Sentences
Since many years the computers required longer passwords due to the ever increasing computation speeds of computers.So I came up with the pass-sentence idea many years ago and write about that.In this my passwords looks like a sentence like this : “thisismypasswordanditislong”
Storage
What I used to do is create different passwords for many sites which I visited. Also I was responsible for a lot of ISPs concurrently so there needed to be a way to store all passwords.
Paper
Initially it was all done on paper with paper backups. The paper was well guarded physically.
Electronic
The about 10 years ago I stored the passwords in a directory aptly called “passwords.” I was not afraid of anyone getting access through the network because I was always using some version of Linux installed less than 6 months ago.
Encrypted partition
Now the laptop and desktop had to be physically protected.Then a few years ago I started using an encrypted partition. This way, the computer needs the password on startup and if you do not give the password, the encrypted partition is not available.
Solution for you
So I if you want peace of mind, you can use my password management system to prevent unauthorized access to your stuff on the computers and the net.
Procedure
Copy all of your data off the computer to backup.Download the latest available ISO of the OS.Create an encrypted partition of about 100 MB when installing the OS. This procedure needs to be done every 6 months so your OS distribution is fresh.This solves the update causing your apps to go haywire issue.And increases security while keeping your system running smoothly.
Procedure
Create a directory called passwords in an encrypted partition. Create directories in the passwords directory for each domain and application. Examples : yahoo.com, your_database, your_server, ...
Files
Create text files or odt files in the directories with the date and version in the name of the file.Example : in yahoo.com you might have a file called khawar.nehal_5_sep_2014-1.txt
Contents of files
Inside the file the contents look like :
User khawar.nehalPassword thisismylongpasswordDate of birth 9/11/2001 Alternative email : [email protected] … any other info relevant to the password.
File names.
If the file is changed on the same day then the file name may look like Khawar.nehal_5_sep_2014-3.txtTo represent the 3rd version on the 5th of sep 2014This is to avoid having any wrong CMOS/BIOS clock time messing up your backup/restore.
Old files
Old files are deleted regularly. If a restore is required and they show up again, they are deleted. With terabytes of storage, the number of files does not matter. Just delete the old ones and keep the latest. Use save as to change the name to the new version to avoid restore disasters.
GPG
Also use GPG with symmetric encryption when copying to backups.To make it easy, use a king of reminder in the GPG file name to help you figure out the master passwords of the whole backup file.
Reminder
For example your master password for the GPG file is maryhadalittlelamb. You could use the reminder KG to remind you of the password. Anything which shall help you remember your long pass-sentence.
GPG
I hope you shall be able to use this procedure to have strong passwords and keep them secure.If you need help with other computer security issues or better ideas on how to manage your enterprise security requirements. Please contact me : [email protected] and mention this presentation.
How I solved my password problem
By : Khawar NehalApplied Technology Research Center
http://atrc.net.pkDubai Computer Services.
http://dubai-computer-services.comDate : 6 Sep 2014
Request for contributionIf you find this useful and would like to contribute resources, books, things or money to help my company to provide more such useful research please contact us.Do also contact to send ideas of things which you would like to see more research on.