just discovered a huge flaw in my offsite backups

[Red Squirrel]

Figured I'd share as others may learn from this mistake.

Basically, my offsite backups go on my dedicated server that is online, under a "backup" account.

The problem is, the password to that account is in my PINs file, on my network. But if something was to happen to my network, making me need those backups, I would not have that password! Wow, what a fail. Thankfully I don't REALLY need them, but it just hit me. All my hard drives are at my parents' house as I'll be away from home for a few days and don't want to risk my data getting stolen (lot of B&Es in this area)

So this is kinda a good simulation test of a large scale disaster situation such as a house fire. I was wanting to get on my MSN and realized my passwords is in my pins database which is accessible from my offsite backups, but the password to get to it is in the pins database!

So yeah, I need to come up with a better setup I think. I'm not sure what. I can't just use an easy password that I can remember either. In fact I don't even think it's a password to get into that account, it's a shared key. But really if I can just keep the root password somewhere, or try to make one I can remember but that is still hard, maybe that's my best bet.

I'm just glad I caught this now. I can't imagine the horror if this was a real situation. I'd essentially have lost everything. I could get my host to change the root password, but the password to submit a ticket is also in that pins database.

I need to figure out a place to safekeep that database and update it all the time, methinks. It is encrypted, so I'm thinking I could gmail it to myself or something.

What does everyone typically do with their password databases for safekeeping?

 

[cymon]

Well, for remote access for file transfer, you could set up SFTP with public-key based authentication. Set up an account with a public key (no password on the public key), and then you have secure access to the backup server.

 

[rive22]

I hear ya man.

I keep all docs, passes, etc in double encrypted triple cipher striped containers on thumb drives.

 

[Red Squirrel]

Well, for remote access for file transfer, you could set up SFTP with public-key based authentication. Set up an account with a public key (no password on the public key), and then you have secure access to the backup server.

That's what I have, but when the computer that has the private key is stolen or burns in a fire, then I'm kinda screwed.

I've been thinking this over, I think what I will do is change my root password to something I can remember. It's not like it can be directly logged into, I still have to log in as my regular user account which I know the password for, then su. I also have fail2ban and it's on a non standard port, so think I'm farely safe.

I think I may also look into another program than pins. Something that works in Linux cli so I can run it right through SSH on the online server.

 

[ChRoNo16]

If it never changes depending length, just write it inside a case cover of ur system or something

 

[Red Squirrel]

What if my whole house goes up in flames, or/and it gets stolen? Chances are slim, but it's something I have to consider.

Though I was thinking of carving it into the concrete in the crawlspace under the garage. No, really. It's an all concrete "room" and would survive a fire, and since it would be carved right into the concrete, it's not like it could be stolen and anyone that happens to see it would not know what it is or what it's for... and chances are a robber would not even go in there. They'd look at the main crawlspace, see that there's not much there, and not go further to even look in there.

Though more I think of it, I just need to come up with a good password that I can remember. I know the password to get into the password DB, and it's a pretty complicated one, so I just need to come up with a similar but different root password, and problem solved.

 

[Pac-Man]

What does everyone typically do with their password databases for safekeeping?

KeePass + Master Passphrase (encrypts the KeePass DB) + Dropbox/GMail/S3/Safety deposit boxes in multiple physical locations

 

[stiltner]

I had my key database surgically implanted inside the brain of a small child.

Seriously. Part of disaster recovery on that level is weighing options you wouldn't normally weigh, with consequences you wouldn't normally care about.

Just don't let paranoia push you overboard. I'd say keep a 3rd party location as a drop, and be done with it.

If items are physically stolen, the keys are the least of your worries IMO, and more so that your data is gone. If its a cloud storage, then my concern honestly has always been "What if they go out of business tomorrow"

 

[C7J0yc3]

KeePass + Master Passphrase (encrypts the KeePass DB) + Dropbox/GMail/S3/Safety deposit boxes in multiple physical locations

This is similar to what we do. Use KeePass with a master passphrase that all our admins have memorized by now, with the database dropped into a privet Amazon S3 bucket on a weekly basis.

For your physical drives, if you can I would recommend encrypting them with truecrypt if you are worried about having them stolen, or at lease encrypt the backup archive (like the .tib for acronis). That way if they do get taken, you data is gone, but not accessible.

 

[evilsofa]

I've had an idea lately that seems too basic for someone to not have thought of it before, but here goes: make the password ubiquitous and publicly available in a way that only the user can decipher the password, yet make it dead simple for the user to decipher the password.

Make a random grid of letters and numbers, say 20x20 or 30x30 or 100x100. Generate your strong password by running a pattern on the grid. Say, start with the square that's 4 to the right and 3 down from the top left corner, go diagonally down to the left until you reach the edge of the grid, then continue down to the right and so forth; whether you bounce at the borders or cross to the other side of the grid is up to the user. All the user has to remember is the starting point and the direction. Over a very short number of uses, the pattern (and the first few letters and numbers of the password) should become very familiar and the user won't be able to forget it. You can have multiple passwords from the same grid. You can make extremely long passwords this way.

Now make the grid easily accessible and ubiquitous to the user. You can safely print out the grid on pieces of paper on site and off site. You can even post it publicly to the internet. Multiple users could use the same grid. If you're paranoid about password crunchers trying every possible combination of the grid, just make the grid sufficiently large to defeat the brute force approach (I don't know enough math to know how large that grid should be). Just don't be stupid and start from the corners of the grid.

Any flaws to that password scheme? Has it been done before?

 

[C7J0yc3]

I've had an idea lately that seems too basic for someone to not have thought of it before, but here goes: make the password ubiquitous and publicly available in a way that only the user can decipher the password, yet make it dead simple for the user to decipher the password.

Make a random grid of letters and numbers, say 20x20 or 30x30 or 100x100. Generate your strong password by running a pattern on the grid. Say, start with the square that's 4 to the right and 3 down from the top left corner, go diagonally down to the left until you reach the edge of the grid, then continue down to the right and so forth; whether you bounce at the borders or cross to the other side of the grid is up to the user. All the user has to remember is the starting point and the direction. Over a very short number of uses, the pattern (and the first few letters and numbers of the password) should become very familiar and the user won't be able to forget it. You can have multiple passwords from the same grid. You can make extremely long passwords this way.

Now make the grid easily accessible and ubiquitous to the user. You can safely print out the grid on pieces of paper on site and off site. You can even post it publicly to the internet. Multiple users could use the same grid. If you're paranoid about password crunchers trying every possible combination of the grid, just make the grid sufficiently large to defeat the brute force approach (I don't know enough math to know how large that grid should be). Just don't be stupid and start from the corners of the grid.

Any flaws to that password scheme? Has it been done before?

Already been done. http://www.passwordcard.org/en

 

[evilsofa]

Already been done. http://www.passwordcard.org/en

That's a pretty sweet implementation, with mobile phone apps to go with it! Bookmarked, thanks!