Stupid Security Tricks: Key Management
It’s smart to encrypt USB memory devices, but it’s stupid to attach the encryption key to the device.
Health bosses today admitted the memory stick was encrypted, but the password had been attached to the device when it went missing.
I’m sure they were so proud that they chose a secure encryption algorithm.
Glenn • January 14, 2009 6:20 AM
I’m suddenly struck by the idea that one should write one’s encryption code with a ‘duress code’ option that wipes the data instead of decrypting it.
Then put the duress code on the side of the device.