Two Password Management Data file


In many countries journalists and human rights workers are under threat from authorities who wish to know what they have written. The contents of what has been written can cause the journalists or human rights workers to be killed. In these countries it would be prudent for the journalists to keep their work encrypted. Decrypting the work requires knowledge of the passwords, which could be beaten out of the journalists or human rights workers. A good journalist will keep a record of different sources in order to verify the accuracy of the story. The sources could be compromised if passwords to encrypted files are extracted from the journalist or human rights worker under torture. If the journalist or human rights worker cannot know what the password is, then no amount of torture can extract the password.

The program has the ability to load and edit keyboards to help ensure that passwords cannot be known. A loaded keyboard can be destroyed. No keyboard, no password. A keyboard can be loaded here to be used later when accessing a password file, or it can be loaded at the time of entering a password to a password data file.

The keyboard has another important use. The strength of an encrypted work depends on three things:

  1. The strength of the encryption algorithm and its resistance to weaknesses.
    1. This is met by choosing encryption algorithms that have been well researched and accepted by the cryptography community as strong.
  2. The length of the encryption password.
    1. The longer the password, the more difficult it is for the encryption to be cracked by a brute force attack.
  3. A byte has 256 different possibilities. Many passwords can only use a fraction of these 256 different possibilities.
    1. The larger the fraction of the 256 different possibilities each byte of a password can use, the stronger the password can be.
  4. The randomness of an encryption password.
    1. The more random the password, the more difficult it is to guess.
  5. The probability of an encryption password being in a password cracker.
    1. A password cracker used by a large organisation can have a very large database of phrases and words that have been published somewhere.
    2. A password cracker can check through its database extremely quickly, and the probability of a long password being found is no different to that of a shorter password.




A password that is not in a password cracker's database has to be a random password. Long random passwords are extremely difficult to remember unless they are used frequently. A screen keyboard enables the typing of awkward characters and of long random passwords. Having different keyboards which can be created and saved makes it easier to create random passwords that are difficult to remember. At the same time, a password typed on such a keyboard can be made very difficult, if not impossible, to remember.
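The strength factors listed above can be put into numbers. The following is an added example, not code from the program described on this page: the keyboard layouts, function names and the sample cracker database are assumptions constructed for illustration. It measures how many bits a random password gains from its length and from the fraction of the 256 byte values the keyboard offers, and shows that a long published phrase is still found by a database lookup.

```python
import math
import secrets
import string

# Hypothetical keyboard layouts (constructed; the program's own keyboard
# files are not described on this page). Each is the set of byte values
# that one key press can produce.
KEYBOARDS = {
    "digits": string.digits.encode(),
    "lowercase": string.ascii_lowercase.encode(),
    "printable_ascii": (string.ascii_letters + string.digits
                        + string.punctuation).encode(),
    "full_byte": bytes(range(256)),
}

# Constructed stand-in for a cracker's database of published phrases.
PUBLISHED_PHRASE = b"it was the best of times it was the worst of times"
CRACKER_DB = {PUBLISHED_PHRASE, b"password", b"letmein"}


def entropy_bits(keyboard: bytes, length: int) -> float:
    """Entropy of a uniformly random password: length * log2(symbols)."""
    return length * math.log2(len(set(keyboard)))


def length_for_bits(keyboard: bytes, target_bits: float) -> int:
    """Shortest random password on this keyboard reaching target_bits."""
    return math.ceil(target_bits / math.log2(len(set(keyboard))))


def random_password(keyboard: bytes, length: int) -> bytes:
    """Draw each byte independently from the keyboard with a CSPRNG."""
    symbols = sorted(set(keyboard))
    return bytes(secrets.choice(symbols) for _ in range(length))


def in_cracker_database(password: bytes, database: set) -> bool:
    """A set lookup costs the same for a 50-byte phrase as for a short word."""
    return password in database


if __name__ == "__main__":
    for name, kb in KEYBOARDS.items():
        print(f"{name:16s} {len(set(kb)):3d} symbols  "
              f"50 chars = {entropy_bits(kb, 50):6.1f} bits  "
              f"116 chars = {entropy_bits(kb, 116):6.1f} bits")
    pw = random_password(KEYBOARDS["printable_ascii"], 50)
    print("published phrase found:", in_cracker_database(PUBLISHED_PHRASE, CRACKER_DB))
    print("random password found: ", in_cracker_database(pw, CRACKER_DB))
```

A digits-only keyboard needs 121 random characters to match the 400 bits that 50 random full-byte characters give, which is the point of item 3 in the list.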


Another important point is that people find it difficult to navigate computer programs from user descriptions. Many people can recognise a computer program they have used. Many of these same people have great difficulty describing the program to someone else. This is useful because it makes it difficult for a human rights worker to describe how the program is used while under duress.

When practising the tutorials it is worth using a ramdisk.

Two Password Manager

Many websites have a requirement for a login password. Each website needs a different password. With so many websites it becomes impossible to remember all the passwords. Thus there is a need for a password manager. A password manager needs long random passwords for security.
  • The password must be random enough not to be in a password cracker's dictionary. 
  • The password must not be stored anywhere, to prevent someone finding it.
  • The password needs to be protected from a keyboard logger.
  • The password needs to be created in such a way as to be random but capable of being remembered.
  • The password manager needs to be able to hold not so sensitive passwords and thus
    • be in plain sight
    • easily accessible
    • not easily forgotten under duress
  • The password manager needs to be able to hold sensitive passwords and thus
    • not be in plain sight
    • not so easily accessible
    • easily forgotten under duress.
A 50 character password is strong.  A 116 character password is even stronger.  A 50 character password is difficult to remember. A 116 character password is even more difficult if not impossible to remember.  Because of this I have restricted the password to a password data file to 50 characters with provision to use a 116 character password inside the password data file to access another password data file.

 

Two Password Management Data file

Examples

There has been a growth in SSD drives and hard drives with an SSD cache. With a hard drive it is relatively easy to overwrite data and know that you have overwritten it. With an SSD drive or a hard drive with an SSD cache there is no guarantee that insecure data is overwritten. Operating systems with journalling file systems can create sensitive data leaks. For sensitive data such as passwords it becomes imperative to create a small ramdisk with a FAT file system to temporarily hold data before copying it elsewhere.

This program can act as a password manager for 60 passwords. Each password has a 210 byte data structure. 60 times 210 + 800x1024x1024 (size of program) is less than 1MB. It is thus advisable to have a ramdisk of not less than 1MB. Adding space to test the facilities the program provides, it is probably advisable to have a ramdisk of 20MB. Both Linux and Windows have the means to provide ramdisks.

Download secondpassworddata.jn.ezp to the ram drive. This file uses Zip type compression and can be uncompressed by the program. This file takes up less room than the three files it compresses. The instructions to uncompress this file follow.

Uncompress "secondpassworddata.jn.ezp"

View 2nd Password Data File after uncompression

Encrypt File with 2nd Password Data File

Decrypt File with 2nd Password Data File



Example of creating and using 2nd Password Data File


Directory "password" created


Directory "2password" created

Second password encrypted SHA1 log file of directory "check"

"5 SHA1 Log"- checks directory against 2 password encrypted log file


"6 Double SHA1 Log" - checks directory against 2 password encrypted double log file