

Ask HN: How do you manage your secrets (gpg keys, etc) - codemac

Hi!<p>I&#x27;ve been getting a lot more into using git-annex[0], and I was thinking about the best policies for my personal secrets, as I want to encrypt and distribute my data everywhere now that I have a tool to do it. Currently I&#x27;m using LastPass + a usb drive of gpg private subkeys (mostly online) + print outs of revocation keys + another usb key with the master key (only use offline)<p>What software are you using?<p>e.g.: 1Password, KeePass, LastPass, gpg -d passwords.txt | grep ycombinator, dropbox with stealmystuff.txt..<p>What hardware are you using?<p>USB keys, yubikey, mobile phone 2fa, paper and pen, printers.<p>Just curious what the current best practices are, and what things have worked on the longest timescales.<p>[0]: https:&#x2F;&#x2F;git-annex.branchable.com&#x2F;
======
mercnet
What software are you using? LastPass

What hardware are you using? mobile phone 2fa

I have a decent size passphrase that I change every 3 months. I store the back
up keys for my gmail and dropbox account in my personal safe. I also have a
Truecrypt container for storing sensitive information like a backup of my
LastPass db. LastPass is very convenient but storing it in the cloud makes me
wonder if there is a backdoor for gov.

------
J_Darnley
Password safe for websites and I just memorise the password for that, my gpg
key, and my ssh keys. I'm sure the ones I have memorised are not as secure as
they should be but they are stored on my PC so if someone has access I have
bigger problems.

------
mo
I'm not using git-annex (yet), but I'm using the OpenPGP smartcards by G10code
for securely storing gpg keys.
[http://g10code.com/p-card.html](http://g10code.com/p-card.html)

------
junto
I store them as secure notes, or attachments in secure notes, using 1Password.
I'm quite happy with it so far.

------
abrkn
Lastpass, Boxcryptor

~~~
vhost-
Lastpass, KeepassX and `tar czf --to-stdout diroffiles/ | gpg -c -o
thing.tar.gz.gpg`

