Secure password storage

The Internet is firmly established in our lives. All of us, even people who are not at all close to IT, use a large number of various services, ranging from mail to social networks. Almost all services require registration. But for security, you need to use different passwords, consisting of many characters. Well, most people who use the Internet are aware of the requirements for secure passwords. But here there is one small problem: how to remember all these sets of passwords?

Recently, I asked such a question. To lose, for example, an account from the mail for me would be very tragic. Write passwords to a file? There is a risk to donate all your accounts at once. Write on a piece of paper? The risk of losing a piece of paper and as a result all passwords at once. Plus, I thought about the availability of my passwords anywhere in the world. And then I remembered my favorite emacs editor. And in particular about Org-mode and EasyPG in emacs. I will not describe how to work in org-mode, it was done before me (links: Introduction to Org-mode ; Org-mode manual ).

So what is the trick? And everything is elementary. Instead of the file filename.org, you must create the file filename.org.gpg. Emacs will automatically open the file in Org-mode. Then write the password to this file, it is better to use the password generator (for example, I use the one-liner on bash:

$cat /dev/urandom | head -1 | tr -d -c 'a-zA-Z0-9[]!@#$%^&*()'|fold -w 25| head -1 

), and, of course, do not forget to write the password and login from what. And then just save the file. Emacs will suggest the following options: use the key for asymmetric encryption, or click OK to symmetric encryption with a password. There is already a user’s choice, but I prefer to use symmetric, because one of the requirements was not only access to the file from my home computer, but I don’t really like to carry a private key with me.

But here comes a new problem: you need to remember the password from the encrypted file. And again, we simply do not have the right to use a simple password for this file. Too much chance of losing it, especially if you constantly carry a copy of this file on a flash drive. And again we are confronted with the problem of remembering this password. But there is a way out. If we can not remember the password, then we need to do so that we can recover this password. And this is done simply: we take an excerpt from any book, for example, one paragraph. Put this excerpt in a text file. file.txt. And we consider MD5 or SHA1 of this file.

 $ echo "     " > file.txt $ md5sum file.txt | fold -10 | head -1 95584f1920 $ rm file.txt 

As a result, we get a securely encrypted text file with strong passwords. You can copy this file to a USB flash drive and carry it with you or copy it to a remote machine to which you can access from the network, which will make passwords available anywhere in the world. And with forgetfulness, we can always recover the password from this file with a little effort. Plus, the fact that emaks cross-platform. And even in the absence of this, the .org files are plaintext, so we can decrypt the file with gpg utilities and open the file with any text editor. And finally, this method can store any private information.
')
Of course, I do not say that this method is unique and correct. But for me, this method was very convenient. I hope it is useful not only for me. Take care of your passwords. ; ^)