Storing the secret key besides paper

Jo_ann77
Jo_ann77
Community Member

I've been searching the forum, but could find anything on nitrokey (yubikey yes) or a usb storage device.

I tell myself that besides saving my emergency kit somewhere safe is gamble regarding theft and fire.
So here is my 'solution' ...

Can I store my secret key on a usb stick like a nitro key as they have storage capacity and thru that way I can save my emergency kit as a jpg and don't have to type anything to avoid the risk when being key logged (iMac).
With that I can carry it as a necklace or such in combination with a paper storage than I'm much safer if I loose due to fire or burglary my key's/pw's.

Please share your knowledge and view on this one as I realize that when loosing my 1pw data (yes I'm aware of remembering my mpw, but that is just the point I'm human too so I like to have some backdoor to help me when lets day age is getting the better of me ...

Please share your knowledge and thoughts on this one.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided

Comments

  • Jo_ann77
    Jo_ann77
    Community Member

    This seems to tick the boxes
    https://istorage-uk.com/product/datashur-pro/

  • AGAlumB
    AGAlumB
    1Password Alumni

    @Jo_ann77: That's interesting. Honestly, it isn't something I'd ever considered though, as the following options are sufficient for me:

    • Many authorized devices, so losing all of them at once is unlikely
    • Emergency Kit stored securely off premises
    • Additional Organizers in my family to perform recovery

    That's not to dissuade you from taking additional precautions if you feel they're warranted, but I find that I worry about things more than necessary unless I look at the situation objectively. You may be in a similar boat and decide that what you already have is sufficient, or that your situation is different and warrants other measures being taken. Good that you're thinking about this. Cheers! :)

  • Jo_ann77
    Jo_ann77
    Community Member
    edited March 2018

    @brenty,

    Thanks for the reply it's apprecitated.

    Firstly your answer is different if you for example are single and having family that's not closely to you (this however can be both good or bad thing .... :-)
    Secondly storing the EK paper is readable to anybody so that is not a relaxing thing for me too.
    Thirdly a physical vault me come in handy no doubt but not everybody has a one for what ever reason.

    Therefor a bit depending on ones personal/private situation I still feel that the product from the above link is a very well thought out product that does the work as it has depending on the model a very high security level and that can be very beneficial depending a bit on ones private situation.

    Because of the wonderfull security level of 1PW one is tempted to put in lots of very personal information not to mention information on cryptocurrencies that in the paper era belonged in a physical vault, however in this digital era things are different. So by making things more difficult by adding a extra layer of security thru a device like this is something to be considered seriously but than again I have no technical knowledge and most likely 'see't things there for different :-)

  • AlwaysSortaCurious
    AlwaysSortaCurious
    Community Member

    You still have to share the pin code and location of the stick, assuming, like all flash drives, it didn’t go bad... I know, not helpful, but it does become a bit layered in the end.

    Mine is on hard copy in a shoebox in my closet. If I get robbed, we’ll, I’ll change the password quick, assuming the didn’t steal the box with the 10 year old receipts.

    Reminds me that I have to update the master password!

  • AGAlumB
    AGAlumB
    1Password Alumni

    You still have to share the pin code and location of the stick, assuming, like all flash drives, it didn’t go bad... I know, not helpful, but it does become a bit layered in the end.

    @AlwaysSortaCurious: This is something that always worries me, because I've had plenty of drives die on me over the years. I had a USB flash drive just stop working recently. Really upsetting. The only reason I am not freaking out about it was because there was nothing critical on it, just some stuff I'd copied there temporarily while traveling. Super in convenient though. Had that been my 1Password.com account's Emergency Kit and I'd only found out the drive was dead when I needed it, it would be a different story.

    Mine is on hard copy in a shoebox in my closet. If I get robbed, we’ll, I’ll change the password quick, assuming the didn’t steal the box with the 10 year old receipts.

    A bit dicey for my own tastes (I tend to be a worrier, so I take measures less for security than so I can sleep at night), but indeed, if someone stole that and used it before you'd changed your credentials, you'd get a notification telling you about the new sign in. Not a great situation to be in, but that can help you do damage control.

    Reminds me that I have to update the master password!

    Oh dear. Yes, please do if you've changed it since stashing the Emergency Kit! :scream:

  • AGAlumB
    AGAlumB
    1Password Alumni
    edited March 2018

    Thanks for the reply it's apprecitated.

    @Jo_ann77: You're welcome! Thanks for bringing this up! :chuffed:

    Firstly your answer is different if you for example are single and having family that's not closely to you (this however can be both good or bad thing .... :-)

    Absolutely. You're right that recovery isn't available if you have an individual 1Password.com membership, though I did want to mention it since that can be an incredibly helpful option for anyone who is part of a team or family plan.

    Secondly storing the EK paper is readable to anybody so that is not a relaxing thing for me too.

    I hear you, but that's kind of the point. After all, if you're really in a bad way, what's to say you'll even be able to remember the passcode to unlock some external encryption where you're storing your Emergency Kit, if you've already forgotten your Master Password and lost access to all of your other devices anyway. Again, it's your call, but we need to try to recommend things that will be the best option for most people — e.g. storing a printed copy of the Emergency Kit . But certainly each of us has to evaluate things based on our own situation.

    Thirdly a physical vault me come in handy no doubt but not everybody has a one for what ever reason.

    Yep! That's a great point. generally they are available though. It's just a matter of what each of us chooses to use. Nothing wrong with that. :)

    Therefor a bit depending on ones personal/private situation I still feel that the product from the above link is a very well thought out product that does the work as it has depending on the model a very high security level and that can be very beneficial depending a bit on ones private situation.

    Yep! It may be the preferred option for you and perhaps others. Different strokes for different folks. Each of us can decide for ourselves what measures are appropriate.

    Because of the wonderfull security level of 1PW one is tempted to put in lots of very personal information not to mention information on cryptocurrencies that in the paper era belonged in a physical vault, however in this digital era things are different. So by making things more difficult by adding a extra layer of security thru a device like this is something to be considered seriously but than again I have no technical knowledge and most likely 'see't things there for different :-)

    I am with you 100%. I keep everything even remotely sensitive (that I don't want to leave unsecured) or critical (that I don't want to lose) in 1Password! But I think while you can and should do what you feel is best based on your own personal threat model and habits, it's important to note that means you'll have to remember another password. If it's an easy one to remember, that means it will be easier to guess, and someone could potentially get at your Emergency Kit that way anyway. So in that sense it may be a false sense of security. On the other hand, if you use a long, strong, unique passcode for that purpose, it's just one more thing for you to forget, especially if you don't use it often.

    Note that I don't mean "you" personally, but anyone reading or any of us in this context. So generally we recommend using a single long, strong, unique Master Password to secure 1Password itself, and store the Emergency Kit in a secure location you can access it in if everything else goes wrong. A safe deposit box at a bank is good because there are measures to keep everyone else out, but you can still get in yourself by proving who you are if everything else has gone wrong for you.

    Anyway, fascinating discussion, and I thank you for starting it! I hope you'll understand that while it may sound like I'm disagreeing with you, I'm really not; I just need to try to offer another, broader perspective since anyone can read our comments here. But if you've found a good solution for you, and others find it works for them too, that's great. The goal here is to both keep our data secure without getting locked out of it ourselves, so whatever you can do to achieve that goal is a win as far as I'm concerned. Cheers! :)

  • Jo_ann77
    Jo_ann77
    Community Member

    @brenty
    Excellent reply and something to consider
    Thanks for sharing your thoughts and knowledge on this important subject its much appreciatie

  • AGAlumB
    AGAlumB
    1Password Alumni

    Likewise, I appreciate you giving me an opportunity to ramble on a bit; and with regard to others who are considering what they should do, it helps that you have a different perspective than I. :chuffed:

This discussion has been closed.