This is a staging forum for AgileBits, not an official support forum. Visit http://discussions.agilebits.com instead.

Adding an option of creating a "key file"

[size="2"]Hi,



I have recently done a small research on means of protecting your confidential information from theft and found that most recommend 1P as the solution to all problems. I find that 1P is safe and can be trusted to keep confidential information (such as credit cards and bank accounts), and it is very useful as it hides information from key loggers. What bothers me is that there is only 1 password that keeps a potential thief from having ALL of your information. I didn't find many post on the internet that touch upon this topic. Am I the only one who is bothered by this?



I think it would be a good idea to add the option of creating a "key file", that you can store on a USB key, in order to create a second line of defense against a potential thief.



Does anybody else agree?



Please comment on this.



Thank you in advance.[/size]

Comments

  • dteare
    dteare Agile Founder
    Welcome to the forums shev.m!



    This is a great question. A keyfile would provide strong defence against brute force attacks, but of course this is only if the attacker does not have access to the keyfile. If you store the keyfile on your disk, or, if you had your machine stolen when the USB key was still in it, they would have the keyfile.



    My personal feeling is you want to know your data is safe even if an attacker has access to [b]all[/b] your information, including the keyfile. In other words, the only real protection you have is your Master Password and so you must make it a very strong password. Thankfully it is the only password you need to remember, so you can make it very strong and commit it to memory.