Encryption in a CyberSecurity Emergency

Disclaimer: This content is the result of my having survived several emergencies of varying effect sizes. Most of these ideas are rules of thumb, and not canned answers. As in any emergency your best outcome will be if you keep calm, consider many options, and flow from plan to backup plan as required.



Passwords provide a single point-of-failure and are quite dangerous. However, they are quite necessary, as they are the main way to verify that a user is who they say they are.

Key rings

Password key rings are sometimes useful. However, take care, because they use encryption to introduce a new password, which is a single point-of-failure for all the other passwords. You might as well just use the same password for all your accounts and write that single password in plain text on a piece of paper.

Despite the mentioned disadvantages of password key rings, I find them useful for the many extraneous accounts that I must create for every little professional activity that I engage in. Most of these accounts are not particularly security or privacy sensitive. So, a password key ring is quite adequate.

Password Recovery

Some people use the email password recovery option for all these extraneous accounts, rather than password key rings. This method goes as follows: never record the password, and every time you access the account, use your email address to get a new password. This method is very similar to the key ring method. The main vulnerability is that it requires email security.

Password Books

Password books of written passwords are extremely useful!! You would think that this method would have gone out with the Stone Age, but it hasn't.

Advantages: Allows you to decouple the machine from its user and password information. Physical security of a small book is fairly easy to ensure (i.e. keep it with you if necessary or locked up). Deals effectively with human memory vulnerabilities in which passwords can be forgotten.

Disadvantages: In a world with so many cameras in homes, work places, coffee shops, and parks, it is easy for someone to lift your password directly out of your password book, if they can read it. So, either memorize the passwords that you use in public, or make sure that nobody except you can read your passwords.

Setting and Changing Passwords

Make sure that your passwords are long enough to be difficult to crack. Do not use the same password for all accounts. Make longer passwords for more sensitive accounts. Change your passwords whenever you detect a problem with an account.

If the security of your OS is compromised, assume that all your passwords are as well. Reset all passwords when you clean up your OS.
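
To put numbers on "long enough" and "longer for more sensitive accounts", here is an added example (not part of the original article) that generates a unique random password per account, estimates its entropy and exhaustive-search time, and audits a password list for reuse. The tier lengths, the 94-symbol alphabet and the 1e10 guesses-per-second attacker rate are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Assumed alphabet: 94 printable ASCII symbols (letters, digits, punctuation).
ALPHABET = string.ascii_letters + string.digits + string.punctuation
# Assumed sensitivity tiers and lengths; illustrative, not from the article.
TIER_LENGTH = {"low": 12, "medium": 16, "high": 24}

def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Bits of entropy in a password drawn uniformly at random."""
    return length * math.log2(alphabet_size)

def years_to_search(bits, guesses_per_second):
    """Average years for exhaustive search (half the space on average)."""
    return 2 ** (bits - 1) / guesses_per_second / (365.25 * 24 * 3600)

def generate(length):
    """Random password from the operating system's CSPRNG."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def assign_passwords(accounts):
    """accounts: {name: tier}. Returns {name: password}, never reusing one."""
    issued = {}
    for name, tier in accounts.items():
        pw = generate(TIER_LENGTH[tier])
        while pw in issued.values():  # regenerate on the (unlikely) collision
            pw = generate(TIER_LENGTH[tier])
        issued[name] = pw
    return issued

def reused(passwords):
    """Audit {name: password}: groups of accounts sharing one password."""
    by_pw = {}
    for name, pw in passwords.items():
        by_pw.setdefault(pw, []).append(name)
    return [sorted(names) for names in by_pw.values() if len(names) > 1]

if __name__ == "__main__":
    # Constructed sample accounts and an assumed attacker guess rate.
    accounts = {"forum": "low", "email": "high", "bank": "high"}
    for name, pw in assign_passwords(accounts).items():
        bits = entropy_bits(len(pw))
        print(f"{name:6} len={len(pw):2} {bits:5.1f} bits, "
              f"{years_to_search(bits, 1e10):.2e} years at 1e10 guesses/s")
```

The estimate only holds for passwords chosen at random; a human-chosen password of the same length has far less entropy than the formula suggests.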


Homework

  1. Experiment with several options for recording passwords. Decide which works for you.
  2. Try memorizing your most critical passwords.
  3. Consider this thought experiment: can your cloud account be secured if the computer that you access it from is insecure?


© 2015-2021 Intrepid Net Computing. All rights reserved.