
How do you remember encryption passkeys without writing them down?

I want to have encrypted directories, but I don't want the key to be one of my other passwords that could be compromised. How can I remember a good, complex, pass key without putting it somewhere it can be compromised either digitally or physically? Suggestions are appreciated!


@AdvJosh

As long as a human needs to access your encryption passkeys, there is always the potential for compromise.

Your best bet is to minimize the risk. For me, that means:

1. Making sure managed passwords aren't stored on the internet.

2. Passwords have to be kept somewhere, even if encrypted with another password. That somewhere shouldn't be a single device.

1Password 7 meets my needs as it has a WiFi server to sync my vault and changes in both directions to multiple devices.

@AdvJosh

Reusing passwords is always a vulnerability. A password manager helps you mitigate this by enabling you to remember one complex (generated) master password that isn't used anywhere else to access fully generated secure passwords.

It may be difficult, but baby yourself with it written down until you clearly never need the help anymore and destroy the written version. If you use a password manager for all internet credentials, you'll have a reason to test yourself regularly.

@AdvJosh Use a pass phrase. Rely on multiple words and a long phrase rather than line noise. It’s easier to remember five to eight words properly spelled than F1$hnCH0Pz

@mike @AdvJosh

Problem is, eight words are not enough for a secure password if they have semantic relations...

(i.e., "red rose" doesn't really have more entropy than just "rose")

And it's not secure enough either if it's from an existing corpus (i.e., a phrase from a book)

@Iutech @AdvJosh So go even longer! “Red rose” arguably has less entropy to some advanced future attacker than “intergalactic rose”, but it still has more than “rose”. You are looking for a password with many bits of entropy, that you rarely use, that you never forget, and that you never write down. You’re not a machine. Such a password has to have semantic meaning or you won’t remember it. There isn’t some kind of trick that is going to allow you to memorize a random series of 128 bits!
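
The entropy arithmetic behind the passphrase debate above, as an added example that is not part of the thread: it compares n words drawn uniformly from a wordlist against a random character string, and generates a passphrase with the OS CSPRNG. The 7776-word size is that of the Diceware/EFF long list; the tiny embedded wordlist is constructed for the demo only.

```python
import math
import secrets

# Bits of entropy for `words` words drawn uniformly and independently
# from a list of `wordlist_size` words: words * log2(wordlist_size).
# Words a human picks for their semantic fit (e.g. "red rose") are not
# independent draws, so this formula overstates entropy for them; it is
# exact only for phrases produced by a random generator.
def passphrase_bits(words: int, wordlist_size: int) -> float:
    return words * math.log2(wordlist_size)


# Bits of entropy for a character password of `length` symbols drawn
# uniformly from an alphabet of `alphabet_size` symbols (94 = printable ASCII).
def charstring_bits(length: int, alphabet_size: int) -> float:
    return length * math.log2(alphabet_size)


# Smallest number of words from a list that reaches `target_bits`.
def words_needed(target_bits: float, wordlist_size: int) -> int:
    return math.ceil(target_bits / math.log2(wordlist_size))


# Constructed sample wordlist (assumption: a real list has thousands of words;
# eight words give only 3 bits per draw, so this is for demonstration only).
SAMPLE_WORDS = ["intergalactic", "rose", "lantern", "copper",
                "meadow", "quartz", "harbor", "velvet"]


# Generate an n-word passphrase. secrets.choice uses the OS CSPRNG;
# random.choice is seeded predictably and must not be used for secrets.
def generate_passphrase(n_words: int, wordlist=SAMPLE_WORDS) -> str:
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))


if __name__ == "__main__":
    print("8 Diceware words:", round(passphrase_bits(8, 7776), 1), "bits")
    print("10 random printable chars:", round(charstring_bits(10, 94), 1), "bits")
    print("words for 128 bits:", words_needed(128, 7776))
    phrase = generate_passphrase(5)
    print(phrase, "->", round(passphrase_bits(5, len(SAMPLE_WORDS)), 1), "bits")
```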

Mastodon @ SDF