Password strength
kf4hcw
kf4hcw at lifeatwarp9.com
Tue Oct 21 14:24:21 CDT 2014
On 2014-10-21 13:43, Richard O'Neill wrote:
>
> Wouldn't it be risky to store a master password on a computer? Even
> if well encrypted it might still be hacked by the likes of
> sophisticated (Government) snoopers.
Technically you never store the master password on your computer -- you
remember it or store it elsewhere offline (just in case you have a
moment or need to give it to someone if your incapacitated).
What happens on the computer is that if you get the password right then
your other data can be successfully decrypted by your password manager
software. If you get it wrong then the data can't be decrypted.
Also, when you're using your password manager the encrypted passwords
are never in memory very long (at least for a good PW manager like
KeePass). The one pw you selected is decrypted and made available to you
for a handful of seconds and then it's wiped out again -- that makes the
window for capture very, very small.
> What about using multiplied combinations of large prime numbers to
> generate a key?
That's an interesting notion -- you wouldn't keep those prime numbers in
your head would you?
Also, if you're up against the government, all bets are probably off...
they have the resources to brute-force just about anything you're likely
to have on your machine without breaking a sweat-- and that includes
factoring polynomials based on large primes.
_M
--
kf4hcw
Pete McNeil
lifeatwarp9.com/kf4hcw
More information about the Tacos
mailing list