Thursday, September 26, 2013

How to store password securely but also accessible from almost everywhere with Dropbox and Ccrypt

As almost anyone, I have dosens of accounts for different web services and my job also requires me to know a few hundred passwords. It is impossible to remember all of them and I need to be able to access my username/password list from various places.

I'm no security expert, but I think what I devised should work reliably. It basically works like this:

I store the account information in plain txt files, then I encrypt them with ccrypt, then I put them in my dropbox folder. This way they are available to me everywhere where there is internet and a device with ccrypt and I only need to remember the password for the encryption and dropbox. If I need to open the text files, first I copy them outside the dropbox folder so that unencrypted files do not get synced to the server, then decrypt them with ccdecrypt and finally open them.

In ubuntu you can install ccrypt by tying this to the terminal:
sudo apt-get install ccrypt

You can encrypt files by typing:
ccrypt filename

And decrypt by:
ccdecrypt filename.cpt