---

Security Portal: Where Do You Hide the Key?

“People who use encryption on their home computers for personal
use may use it to keep some files on their hard disk encrypted, or
they may use it to protect their E-mail communications. In the
latter case, their private keys, corresponding to the public keys
people use to send E-mails to them, are also in the form of entries
in files on their hard disk, which also normally are protected by
being encrypted.”

And so there are files on your home computer’s hard disk
that are encrypted. If the key to decrypting them were also sitting
on your hard disk, there wouldn’t be much point to that
encryption.
But a 100-bit binary key is equivalent to a
30-digit number. Not many people can easily memorize 30-digit
numbers….”

“Often, people who work with computers need to memorize several
passwords, each one for a different computer system. Some operating
systems limit passwords to 8 characters in length, and this makes
it necessary to use passwords with special characters, and so on.
In addition, users may be required to change their passwords every
few months. If one of the computer systems for which you have
memorized a password is one you only use at infrequent intervals,
this is a recipe for forgetting the password. (Or writing the
password down. Memorizing one pass phrase, and using it to protect
a file of passwords stored on a personal organizer, is one strategy
for dealing with this which is already popular, and is likely to
become increasingly so.)”


Complete Story