10

I've recently begun using KeePass for my personal password management.

I am setting it up to sync between my home PC, work PC and mobile device using Dropbox.

I'm going "all the way", and have changed my passwords to 32 character mixes of letters, numbers and special characters. Even for stuff I commonly use, like my primary email, I've changed to a long complicated password.

My one concern is a Total Loss Scenario.

If in some bizarre twist of fate I were to lose my home PC, my workplace PC and my iPhone all in one fell swoop, I would have no idea how to log in to any of my accounts - email, Dropbox, etc. Thus making my ultra secure password database file inaccessible, even to myself!

Should I have one "entryway" for myself - setting my personal email or Dropbox password to something that is complicated, but that I can commit to memory?

Any other suggestions on how to be both ultra secure, and to be safe from cutting myself off from my own passwords?

edit: Some people even suggest keeping an unlabeled holdout password written on a card in my wallet.

1
  • We either need to broaden the scope of the answers to match the title, or your title needs to change to "Total Loss (of password db) Scenario" or something like that.
    – NH.
    Commented Oct 23, 2017 at 17:54

2 Answers

8

The situation you're proposing is quite unlikely and worrying about it is time-consuming. What you have here is a pretty good off-site data protection plan for your usage. You have a copy that's almost always on you, a copy that's always in your home, and a copy at your workplace.

Since you're already worried about it, I'd say write your Dropbox password down. Yes, write it down and keep it in a physically secure place; keep it in your deposit box, in your money safe, or at your parents'/grandparents'.

In the rare case in which you really have no place to keep your Dropbox password, then simply choose a long, well-generated, and memorable passphrase. Nevertheless, I'm almost certain you'll forget it because you're most likely never going to use it.

Like Lucas suggested in the comments, it's also a good idea to keep a periodical backup on a securely-stored USB stick just in case.

1
  • I was thinking you last pass it. Same as dropbox but like better and just for passwords. Commented Jul 28, 2013 at 19:04
3

Don't store passwords in your wallet; if you really need to store them physically, use a safe or deposit box. Preferably you would keep a few backups of your KeePass database on a pendrive or other media. I store them in three different locations so that even if my place burns down, I still have a backup on another site. You also need to do this in case your Dropbox account gets blocked or deleted (you never know).

4
  • Isn't that what the OP is already doing? By having Dropbox on his home computer and his work computer, the copies are locally stored on those computers. Even if Dropbox's servers explode and apes take over the planet, he'd still have both copies on both of his computers.
    – Adi
    Commented Jul 28, 2013 at 17:12
  • You need offline storage. Commented Jul 28, 2013 at 17:13
  • 1
    Having Dropbox installed on both computers means that copies of the files are stored locally (i.e. Offline) on those computers.
    – Adi
    Commented Jul 28, 2013 at 17:15
  • 3
    If someone deletes the file from your Dropbox account it will automatically be synced with all your devices and you will lose the file across all your machines. That's why you need offline storage outside of Dropbox. Commented Jul 28, 2013 at 17:18
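
Added example (not part of the original posts): a Python script for the offline copies discussed above, taking versioned snapshots of a `.kdbx` file from a synced folder so that a deletion or truncation arriving through sync never replaces a good copy. The paths, the `snapshot` function and its parameters are assumptions for illustration; the 8-byte check is the KeePass 2.x file signature.

```python
import hashlib
import tempfile
import time
from pathlib import Path

# KeePass 2.x (.kdbx) files start with these two little-endian signature words.
KDBX_MAGIC = bytes.fromhex("03d9a29a67fb4bb5")

def snapshot(db_path, backup_dir, keep=10, now=None):
    """Copy the database to backup_dir as a new timestamped file.

    Returns the new snapshot's Path, or None when nothing was written
    (source missing, not a KDBX file, or identical to the newest snapshot).
    A missing or invalid source never touches existing snapshots.
    """
    db, backup_dir = Path(db_path), Path(backup_dir)
    if not db.is_file():
        return None  # deleted upstream: leave the offline copies alone
    data = db.read_bytes()
    if not data.startswith(KDBX_MAGIC):
        return None  # truncated or replaced file: do not record it
    backup_dir.mkdir(parents=True, exist_ok=True)
    digest = hashlib.sha256(data).hexdigest()
    snaps = sorted(backup_dir.glob(f"{db.stem}-*.kdbx"))
    if snaps and hashlib.sha256(snaps[-1].read_bytes()).hexdigest() == digest:
        return None  # unchanged since the last snapshot
    stamp = time.strftime("%Y%m%dT%H%M%SZ", time.gmtime(now))
    dest = backup_dir / f"{db.stem}-{stamp}.kdbx"
    dest.write_bytes(data)
    if hashlib.sha256(dest.read_bytes()).hexdigest() != digest:
        dest.unlink()
        raise OSError(f"verification failed for {dest}")
    for old in sorted(backup_dir.glob(f"{db.stem}-*.kdbx"))[:-keep]:
        old.unlink()  # prune oldest, keep the newest `keep` snapshots
    return dest

if __name__ == "__main__":
    # Constructed demo: a fake database (signature + filler), not real KeePass data.
    with tempfile.TemporaryDirectory() as tmp:
        db = Path(tmp, "sync", "passwords.kdbx")
        db.parent.mkdir()
        db.write_bytes(KDBX_MAGIC + b"constructed-sample")
        print("first run:", snapshot(db, Path(tmp, "usb"), now=0))
        db.unlink()  # simulate the deletion arriving through sync
        print("after deletion:", snapshot(db, Path(tmp, "usb"), now=60))
        print("snapshots kept:", len(list(Path(tmp, "usb").iterdir())))
```

The signature check only confirms the file looks like a KeePass 2.x database; opening a snapshot with the master password from time to time is still the real restore test.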
