ForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 1 year agoSignal under fire for storing encryption keys in plaintext on desktop appstackdiary.comexternal-linkmessage-square237fedilinkarrow-up10arrow-down10cross-posted to: privacy@lemmy.worldtechnology@lemmy.worldfoss@beehaw.orgprivacyguides@lemmy.one
arrow-up10arrow-down1external-linkSignal under fire for storing encryption keys in plaintext on desktop appstackdiary.comForgottenFlux@lemmy.world to Privacy@lemmy.mlEnglish · 1 year agomessage-square237fedilinkcross-posted to: privacy@lemmy.worldtechnology@lemmy.worldfoss@beehaw.orgprivacyguides@lemmy.one
minus-squarePossibly linux@lemmy.ziplinkfedilinkEnglisharrow-up0·1 year agoIf someone has access to your machine you are screwed anyway. You need to store the encryption key somewhere
minus-squarex1gma@lemmy.worldlinkfedilinkarrow-up0·1 year agoYes, in your head, and in your second factor, if possible, keeping them always encrypted at rest, decrypting at the latest possible moment and not storing (decrypted) secrets in-memory for longer than absolutely necessary at use.
If someone has access to your machine you are screwed anyway. You need to store the encryption key somewhere
Yes, in your head, and in your second factor, if possible, keeping them always encrypted at rest, decrypting at the latest possible moment and not storing (decrypted) secrets in-memory for longer than absolutely necessary at use.