Should I worry about my physically lost, encrypted passwords?
June 16, 2008 3:16 AM Subscribe
So, I lost my USB stick. No big deal - except it has my password database on it.
posted by TooManyGadgets to Computers & Internet (13 answers total)
The password database is a KeePass variant, encrypted with a password that, while not weak, is only rated at 64-bits.
The USB drive also contains a copy of KeePass (but no other identifying information). It was a rather attractive model; I imagine that someone's picked it up and thought "ooo, shiny", and claimed it as their own.
Given that any Joe/Jane Dishonest could have picked it up, what are my chances of:
1) Having it picked up by someone who would actually try cracking it open (assuming they know how, or can be bothered), and
2) Them cracking open the database and causing me grief?
My question boils down to this: should I be worried enough to change passwords to key services, such as my e-mail?
I have a copy of the password database, so thankfully I still have access to everything I need to. (And my Internet Banking passwords aren't written down anywhere.)