Re: Password / Encryption Scheme
- From: "Keanaz" <beerlodge@xxxxxxxxxx>
- Date: Fri, 10 Mar 2006 15:01:55 +0000 (UTC)
most of the security you want would come from
security awareness training of your users
along with management buy in
"Dave McAuliffe" <DaveMcA@xxxxxxxxxxxxxx> wrote in message
news:65p2121onbjlctmdvqm2fcbcm8ujsc4iqm@xxxxxxxxxx
What are the weaknesses in the below plan?
I'm addressing password/keyfile encryption file protection for work
and home purposes. I'm considering using an easy password in the
belief that complex ones need to be written down and therefore pose
their own risk for being breached, and easy ones are nowhere to be
found in writing. In addition, I'm considering the encryption key as
being a part of the password.
The keyfile will *not* be kept on the same computer that it was used
to encrypt. It will be put on floppy, thumbdrive, etc. and kept in
pocket or purse not in the computer case. Therefore you would need
the floppy in order to decrypt the PC file, and if the keyfile were
compromised, it would need to hook up to the PC and then the password
would then need to be known. This separation of the encryption key
and the coming together of three elements, password - keyfile -
computer, is what I'm banking on for relative security.
All personnel (road people) would use the same password/encryption key
file. Any files sent to the office would be decrypted on that end. At
employee turnover, 100% re-encryption would be done with a new keyfile
based on a new password.
--
Dave
Central Mass. USA
To email: Replace
mailinator.com with email.com
.
- Follow-Ups:
- Re: Password / Encryption Scheme
- From: Dave McAuliffe
- Re: Password / Encryption Scheme
- References:
- Password / Encryption Scheme
- From: Dave McAuliffe
- Password / Encryption Scheme
- Prev by Date: Re: Source Port 10000
- Next by Date: Re: Password / Encryption Scheme
- Previous by thread: Re: Password / Encryption Scheme
- Next by thread: Re: Password / Encryption Scheme
- Index(es):
Relevant Pages
|
