Posted by: Ken Harthun
Password, Secure Computing, Security, Security best practice, Security management
Every one of us has one: a user who keeps a “book” of passwords sitting in plain view at their workstation. This person absolutely insists on keeping passwords written down in longhand and refuses to use any kind of password manager software. Yes, the book is usually closed and it’s not obviously labeled Passwords! in 72 pt. Arial Bold, but that adds little in the way of true security: any determined person could sneak in and look around. It’s a bad idea. Keeping the password list in your wallet is significantly more secure, but if you have a large list of passwords, this becomes cumbersome. There is, however, one simple security precaution that works for those who insist on having a written list: distributed passwords.
Distributed passwords borrow the two-key idea from public-key cryptography, where there is one private key and one public key. Applying this principle to the password book, one simply splits each password into two sets of characters, writes one set in the “public” book that remains visible, and writes the other set in a “private” book that is kept secret (perhaps by locking it up when not in use). This is extremely simple to implement and results in a much greater level of security. Here’s how:
Book 1          Book 2
Bank:   1234    Bank:   5678
Credit: 9876    Credit: 5432
You get the idea. The Bank password is 12345678 and the Credit password is 98765432. Keep in mind that anyone who reads the public book now only has to guess the private share, so make each share long and random rather than the four digits used in this illustration.
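As an added example (not part of the original post), the split-and-join bookkeeping above in Python, together with a function that shows how much guessing is left to someone who has read the public book; the function names and the sample entries are my own, taken from the table above.

```python
"""Split passwords into a 'public' and a 'private' share, rebuild the two
books, and estimate the residual guessing work once the public book is read."""
import math
import string
from typing import Dict, Optional, Tuple

# Constructed sample entries, matching the two-book table in the post.
SAMPLE_PASSWORDS = {"Bank": "12345678", "Credit": "98765432"}

# Assumed default alphabet for the brute-force estimate: printable non-space ASCII.
DEFAULT_ALPHABET = string.digits + string.ascii_letters + string.punctuation


def split_password(password: str, public_len: Optional[int] = None) -> Tuple[str, str]:
    """Return (public_share, private_share); by default split in the middle."""
    if public_len is None:
        public_len = len(password) // 2
    if not 0 < public_len < len(password):
        raise ValueError("public share must leave a non-empty private share")
    return password[:public_len], password[public_len:]


def join_password(public_share: str, private_share: str) -> str:
    """Reconstruct the password from the two books' entries."""
    return public_share + private_share


def build_books(passwords: Dict[str, str]) -> Tuple[Dict[str, str], Dict[str, str]]:
    """Produce Book 1 (public) and Book 2 (private) as account -> share maps."""
    book1, book2 = {}, {}
    for account, password in passwords.items():
        book1[account], book2[account] = split_password(password)
    return book1, book2


def residual_guesses(private_share: str, alphabet: str = DEFAULT_ALPHABET) -> int:
    """Worst-case guesses for someone who has read the public book and must
    brute-force the private share over `alphabet` (length must be known)."""
    if any(ch not in alphabet for ch in private_share):
        raise ValueError("private share uses characters outside the alphabet")
    return len(alphabet) ** len(private_share)


def private_share_bits(private_share: str, alphabet: str = DEFAULT_ALPHABET) -> float:
    """Entropy (bits) of the private share for a uniformly random choice."""
    return len(private_share) * math.log2(len(alphabet))


if __name__ == "__main__":
    book1, book2 = build_books(SAMPLE_PASSWORDS)
    print("Book 1:", book1, "Book 2:", book2)
    print("Guesses left after reading Book 1 (digits only):",
          residual_guesses(book2["Bank"], string.digits))
```

With the post's four-digit shares, the private half leaves only 10,000 guesses over the digit alphabet; longer, random shares drawn from the full printable alphabet raise that quickly.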
This could be implemented with stored notes or spreadsheets as well, but if you are going to go through the effort of typing them and storing them securely, you may as well just use a password manager like KeePass or my favorite, LastPass.
In a future post, I’ll apply this principle to password succession in estate planning. Stay tuned.