Halt, who goes there?

Authentication security is something I take more seriously than some people. I use a different non-dictionary password each time I'm required to make one up, using a diceware random generator. That's the easy part. The tricky part is making sure that I have access to my cache of unguessable strong passwords when I need it.

- I keep records of each on my palmtop, encrypted with Keyring and a passphrase I never write down.
- As backup #1, I also have text files on my PC using gpg for encryption. Again, the passphrase is in my skull only.
- For my second backup, I have these text files on physical media in a secure location. This is in case I lose all my main passphrases.

All this effort mainly to safeguard some online transactions and a couple of email accounts. But I would feel too vulnerable with much less elaborate measures. To be honest, I don't know who the "bad guys" are that I'm guarding against, but it feels better to have something like this in case they're real.