Ask HN: How do you manage your secrets (gpg keys, etc)
Hi!
I've been getting a lot more into using git-annex[0], and I was thinking about the best policies for my personal secrets, as I want to encrypt and distribute my data everywhere now that I have a tool to do it. Currently I'm using LastPass + a usb drive of gpg private subkeys (mostly online) + print outs of revocation keys + another usb key with the master key (only use offline)
What software are you using?
e.g.: 1Password, KeePass, LastPass, gpg -d passwords.txt | grep ycombinator, dropbox with stealmystuff.txt..
What hardware are you using?
USB keys, yubikey, mobile phone 2fa, paper and pen, printers.
Just curious what the current best practices are, and what things have worked on the longest timescales.
[0]: https://git-annex.branchable.com/
6 comments
[ 3.4 ms ] story [ 21.4 ms ] threadWhat hardware are you using? mobile phone 2fa
I have a decent size passphrase that I change every 3 months. I store the back up keys for my gmail and dropbox account in my personal safe. I also have a Truecrypt container for storing sensitive information like a backup of my LastPass db. LastPass is very convenient but storing it in the cloud makes me wonder if there is a backdoor for gov.