Re: Chaniging focus: security ouitside a password manager (was: Re: Password Manager opinions and recommendations)
On Mon 02 Apr 2018 at 09:07:16 -0400, rhkramer@gmail.com wrote:
> Just continuing to think (or maybe not think ;-) about password managers /
> password security, changing the focus slightly (I think) but keeping the same
> thread.
>
> I'm now thinking about the security (or vulnurability) of passwords during
> "normal" usage--I mean, I'm thinking about the times when a password, even
> though stored in a very secure manner (in a password manager or encrypted
> file(s) of some sort), the password is viewable in plain text, and thus, to a
> greater or lesser degree, vulnurable.
>
> The first two situations that come to mind include:
>
> * during copy and paste operations, the plaintext password could remain on
> the C&P "stack". thus making it vulnurable: Some notes:
>
> (1) I've read about at least one password manager that, somehow, deletes
> the plaintext password from the copy and paste "stack" after a time delay--I
> didn't make a note of which one that was.
>
> (2) another approach could be that a password manager provides a
> facility to write the password to a designated textbox without using the copy
> and paste facility, thus, presumably, never putting the plaintext password on
> the copy and paste "stack").
>
> * during hibernation (or maybe suspend and resume): (I use neither at the
> present time, but, one stores the machine's state (including RAM) to disk, the
> other stores the (CPU) state to RAM while preserving the other contents of
> RAM.) Hibernation could result in the plaintext of passwords being stored on
> disk while the power is off, making the plaintext passwords vulnurable if the
> machine is stolen.
>
> My current approach to passwords includes storing them in an encrypted file
> which is only ever decrypted to a RAMdisk, with the idea / intention that, if
> power is lost, or the machine is shutdown, the plaintext passwords would
> disappear from RAM (except to the extent that (iiuc) there are (NSA) ways to
> recover the contents of RAM if power is restored to the machine fairly
> quickly). My assumption, without considering hibernation. was that the only
> remaining copy of the passwords would be in the encrypted files.
>
> Maybe my concern about these situations is unrealistic, but I want to consider
> it, so all comments are welcome.
>
> BTW, I can see that the Master Password approach might be the solution for
> most of the problem, unless I (or it) uses copy and paste to put passwords in
> a textbox.
If you are referring to masterpassword (masterpasswordapp) then copy
and paste is used here with a configurable timeout to input a password
to an application, and very useful it is too. Other password managers
also use the same technique.
AIUI, the clipboard is specific to my session. If there is another
application in the same session intent on reading the clipboard without
my knowledge, the length of the timeout doesn't really matter because a
microsecond would be sufficient for the master password to be obtained.
Of course, having such a password-reading entity on the machine would
mean I had lost control of the machine (maybe it does key-logging as
well) and would have a much bigger problem than deciding on the timeout
period.
--
Brian.
Reply to: