Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Safety for portables: Password Wallet' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Safety for portables: Password Wallet
Authored by: klktrk on Jan 29, '04 11:32:13AM

The problem with schemes like this is that they assume your data will only be compromised when you've logged out, or unmounted your encrypted disk, etc. The fact is that your data is most likely to be compromised when you least expect it. Your sleeping powerbook is stolen. Your Palm pilot is lost.

What you need is a storage mechanism that automatically re-encrypts itself and locks itself after an interval, say, 30 seconds. That way, a thief or opportunist has only a very slim chance of grabbing data. they would have to have your Palm pilot or laptop in their hands within thirty seconds of stealing it or finding it and without putting it to sleep.

With stuff as sensitive as bank logins, etc., it is worth every penny to invest in a tool that right for the job. I recommend Password Wallet, but there are others. Look for software that re-encrypts and locks its vault automatically after a brief amount of time. Also, it's cool if it can sync with Palm. Password Wallet has an application for Mac OS X, and for the Palm Pilot, and they sync beautifully.

Please, DON'T hack together an insecure solution. Identity theft is on the rise. $20 is money well spent towards helping secure your entire financial and personal life.

My 10 cents.

K



[ Reply to This | # ]
Safety for portables: Password Wallet
Authored by: valx on Jan 29, '04 02:46:27PM

SplashID contains all of these features as well.



[ Reply to This | # ]
Re: Safety for portables: Password Wallet
Authored by: henry on Jan 30, '04 10:03:23AM

Kristofer -- point taken. I did consider the issue of security whilst logged in, and I agree that this is not the ideal solution for everyone. Perhaps I should have included my thoughts on this in the original hint, but I didn't want it to be overly wordy.

I agree that this system does not offer any protection against someone stealing your machine whilst you're logged in, or remotely accessing your machine whilst you're logged in and the image is mounted.

I also agree that this system is, therefore, not a good solution for everyone. However, in my case, I take steps to secure my machine while online at home, and I'm behind a pretty good firewall while in my department. I also set my machine not to wake from sleep without a password, and I use a password protected screensaver on a short fuse. Either of these measures would cause a thief to reboot, thus unmounting the disk image.

I realise that this hardly constitutes a secure system, but when you consider that I use a strong password, which I change regularly, and that the nefarious types that engage in ID theft currently target windows machines (or at least expect to find a windows machine when they open the stolen bag), I consider it to be secure enough for me.

Of course, others will need to make that decision for themselves. For me, this system provides an acceptable level of security, especially when you consider the ease of use. Again, this is only my personal opinion, and I know you're not supposed to sacrifice security to gain usability, but, well, I'm prepared to in this case.



[ Reply to This | # ]