Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Not GP, but KeePass user: I store my KeePass database on a small thumb drive (SanDisk Cruzer Fit), together with a copy of the KeePass executable. If I absolutely need to decrypt my password database on someone else's machine I can take the "secure" software from the USB and hope for the best. The USB also stores a copy of Truecrypt and a large Truecrypt container with backups of my encrypted private keys (PGP, SSH).


Key logger + making a cron job that copies everything off your drive = 5 minutes of work? I hope you trust the folks you use this setup on...


Key logger + screen shots and you also get access to a 1 password account

No matter what you do if the computer you are using isn't trustworthy you're losing.


Yeah, totally with you — don't trust devices you (or your employer) doesn't own. I'm borderline still where I trust my employer's devices with my personal passwords sometimes, but even that seems a bit iffy.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: