Red Squirrel
[H]F Junkie
- Joined
- Nov 29, 2009
- Messages
- 9,211
Figured I'd share as others may learn from this mistake.
Basically, my offsite backups go on my dedicated server that is online, under a "backup" account.
The problem is, the password to that account is in my PINs file, on my network. But if something was to happen to my network, making me need those backups, I would not have that password! Wow, what a fail. Thankfully I don't REALLY need them, but it just hit me. All my hard drives are at my parents' house as I'll be away from home for a few days and don't want to risk my data getting stolen (lot of B&Es in this area)
So this is kinda a good simulation test of a large scale disaster situation such as a house fire. I was wanting to get on my MSN and realized my passwords is in my pins database which is accessible from my offsite backups, but the password to get to it is in the pins database!
So yeah, I need to come up with a better setup I think. I'm not sure what. I can't just use an easy password that I can remember either. In fact I don't even think it's a password to get into that account, it's a shared key. But really if I can just keep the root password somewhere, or try to make one I can remember but that is still hard, maybe that's my best bet.
I'm just glad I caught this now. I can't imagine the horror if this was a real situation. I'd essentially have lost everything. I could get my host to change the root password, but the password to submit a ticket is also in that pins database.
I need to figure out a place to safekeep that database and update it all the time, methinks. It is encrypted, so I'm thinking I could gmail it to myself or something.
What does everyone typically do with their password databases for safekeeping?
Basically, my offsite backups go on my dedicated server that is online, under a "backup" account.
The problem is, the password to that account is in my PINs file, on my network. But if something was to happen to my network, making me need those backups, I would not have that password! Wow, what a fail. Thankfully I don't REALLY need them, but it just hit me. All my hard drives are at my parents' house as I'll be away from home for a few days and don't want to risk my data getting stolen (lot of B&Es in this area)
So this is kinda a good simulation test of a large scale disaster situation such as a house fire. I was wanting to get on my MSN and realized my passwords is in my pins database which is accessible from my offsite backups, but the password to get to it is in the pins database!
So yeah, I need to come up with a better setup I think. I'm not sure what. I can't just use an easy password that I can remember either. In fact I don't even think it's a password to get into that account, it's a shared key. But really if I can just keep the root password somewhere, or try to make one I can remember but that is still hard, maybe that's my best bet.
I'm just glad I caught this now. I can't imagine the horror if this was a real situation. I'd essentially have lost everything. I could get my host to change the root password, but the password to submit a ticket is also in that pins database.
I need to figure out a place to safekeep that database and update it all the time, methinks. It is encrypted, so I'm thinking I could gmail it to myself or something.
What does everyone typically do with their password databases for safekeeping?