Over the weekend I was in a backup mood, so I decided to start backing up everything on my local computers. First of all, I started with sensitive data (which I call the vault), namely:
- credentials for local and remote machines
- SSH keys (and associated passphrases)
- Hard Disk encryption keys
- Wi-Fi passwords
- PGP keys (and associated passphrases)
- PINs
- Credit Card numbers
I usually put every item of this list on an external drive, which will then be copied as an offsite backup to a remote location (sorry, no cloud); and I usually store passphrases on a different drive than the ones which contain keys.
As a shower thought, I thought “Why not have a copy of all that data in a paper format?” A downside of this approach is that the data is in plain text and accessible to anyone who has a look at that paper.
Given that I recall my PGP private key passphrase very well (and it’s long enough) and the key is stored in a very secure location, I decided to:
- Dump all the raw data of the vault in a text file
- Encrypt it with my public key
- Print the resulting ASCII file (which resulted in roughly eight A4 pages of text). I used Consolas font, size 8.
If I ever have to access that file, I will need to:
- Scan the 8 pages and OCR all data, hoping all characters are decoded correctly
- Retrieve my PGP private key and passphrase
- Decrypt it
Yes, it’s an emergency last resort. What do you think of this approach?
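
The OCR step is the fragile part of this recovery path: one misread character makes the whole armored block undecryptable. The sketch below is an added example, not part of the original post: it prints a per-line checksum next to every line so a misread can be pinned to a specific line on the page. The `NNNN text CRC` layout and the function names are assumptions; the CRC-24 is the one OpenPGP armor itself uses (RFC 4880).

```python
"""Per-line checksums for a printed ASCII-armored file (added example)."""

CRC24_INIT = 0xB704CE   # CRC-24 parameters from RFC 4880, section 6.1
CRC24_POLY = 0x1864CFB

# Constructed sample: armor-shaped text, not a real OpenPGP message.
SAMPLE = """-----BEGIN PGP MESSAGE-----

hQEMA0lO1Il0O1lIAQf/c29tZSBjb25zdHJ1Y3RlZCBiYXNlNjQgbGluZQpPMGxJ
MTIzNDU2Nzg5MGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6QUJDREVGR0hJSktM
=AbCd
-----END PGP MESSAGE-----"""


def crc24(data: bytes) -> int:
    """CRC-24 as defined for OpenPGP ASCII armor."""
    crc = CRC24_INIT
    for byte in data:
        crc ^= byte << 16
        for _ in range(8):
            crc <<= 1
            if crc & 0x1000000:
                crc ^= CRC24_POLY
    return crc & 0xFFFFFF


def annotate(armored: str) -> str:
    """Before printing: prefix each line with its number, append its CRC-24."""
    rows = []
    for n, line in enumerate(armored.splitlines(), 1):
        rows.append(f"{n:04d} {line} {crc24(line.encode()):06X}")
    return "\n".join(rows)


def verify(scanned: str) -> tuple[str, list[int]]:
    """After OCR: return (armored text, positions of lines that fail)."""
    lines, bad = [], []
    for pos, row in enumerate(scanned.splitlines(), 1):
        _, _, rest = row.partition(" ")       # drop the line number
        body, _, tag = rest.rpartition(" ")   # split off the checksum
        try:
            ok = int(tag, 16) == crc24(body.encode())
        except ValueError:                    # checksum itself was misread
            ok = False
        if not ok:
            bad.append(pos)
        lines.append(body)
    return "\n".join(lines), bad
```

Run `annotate()` on the encrypted file before printing and `verify()` on the OCR output; only the lines it reports need to be compared against the paper by eye before decrypting.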