First8 staat voor vakmanschap. Al onze collega’s zijn een groot aanhanger van Open Source en in het bijzonder het Java-platform. Wij zijn gespecialiseerd in het pragmatisch ontwikkelen van bedrijfskritische Java toepassingen waarbij integratie van systemen, hoge eisen aan beveiliging en veel transacties een belangrijke rol spelen. Op deze pagina vind je onze blogs.

How to change password manager safely using linux

This is a quick how to on migrating your passwords from one password manager to another.

This typically requires that you export all your credentials to plain text in XML or CSV, so that the other password manager can import it.

Finding safe locations

The ssd or harddisk is a risky location: you may forget to remove the file. Also, when your disk is not encrypted the file contents could be retrieved when your laptop gets stolen, even after deletion[1][2].

Linux by default exposes a parts of the filesystem that are actually RAM, using https://en.wikipedia.org/wiki/Tmpfs. In general you can find these places like this:

mount | grep tmpfs

For instance /run/ ,  /dev/shm/ and quite often /tmp are using tempfs. 

The procedure

  1. Investivate what format can be imported on the new password manager
  2. Export your passwords to a safe location
  3. Import your passwords
  4. Verify that the import is succesful
  5. Remove the transfer file

 

Therefore, If you forget step 5, a reboot will make that data unavailable.

Take care

While that storage is memory, your data may end up in swap space.

A few ways out: disable swap for this procedure. Use full-disk encryption. Or encrypt swap space https://feeding.cloud.geek.nz/posts/encrypted-swap-partition-on/

 

 

[1] Automation here helps the adversary. Scanning an entire drive for usernames / passwords just takes time.

[2] In the floppy disk days, I once retrieved a lot of lost data from an Amiga disk (double-sided), that was accidently formatted on one-sided by a C64…