Secure Way to Destroy Paper Back-ups of 1Password Vault?

cinetography
cinetography
Community Member
edited March 2015 in Lounge

Every couple of months I print out a paper copy of my 1Password Vault in a very small font. Does anyone know what might be a particularly secure but somewhat convenient (burning them isn't really an option where I am) way to destroy a couple pages easily and ensure that none of the information can be recovered? The font is really small on these pages, so shredding worries me a little.

Comments

  • Stephen_C
    Stephen_C
    Community Member

    Mix to a gloopy mush with warm water?

    Stephen

  • RichardPayne
    RichardPayne
    Community Member

    As long as you use a cross shredder then it should be fine.
    If you don't mind me asking, why is burning a problem where you live?

    That all said, the better answer is to stop printing out your passwords. Store the vault on a usb key along with a copy of the 1Password installer (or a small stand alone web server to access 1Password Anywhere).

  • Megan
    Megan
    1Password Alumni

    Hi @cinetography ,

    That's a good question! Generally our advice is to not print out your password database unless absolutely necessary. We hope that 1Password is with you everywhere so that you don't need your passwords in a printed format.

    There are some situations however where you might want an additional backup. We have an awesome user who has created the 1Password Emergency Kit that can help you organize your digital life and prepare for an emergency. Documents like this (or a fully printed version of your passwords should always be stored in a secure location like a safe or a safety deposit box.

    For disposing of outdated password backups, my first suggestion would be shredding - although I do like Stephen's idea of creating your own recycled paper!

    Perhaps Richard's suggestion might be the most useful here. Storing your 1Password data on a USB drive makes for a handy little backup, and the bonus is that it's already encrypted - no need to consider burning or mushing or shredding. :)

  • RichardPayne
    RichardPayne
    Community Member

    although I do like Stephen's idea of creating your own recycled paper!

    Papier-mâché is much more fun. ;)

  • Megan
    Megan
    1Password Alumni

    Hi @RichardPayne ,

    You're right! It's been far too long since I've done that type of crafting! :)

  • Iwouldrathernot
    Iwouldrathernot
    Community Member

    Is there a secure way to search for and eliminate print jobs such as a password back up that may have saved as a printer or wordprocessor temp file.
    I see temp files created to prevent data loss from interruption and have "print to file" intermediaries found on other documents and was concerned that there might be saved copies from unencrypted word processor or printer tasks.
    Thanks

    Richard

  • jpgoldberg
    jpgoldberg
    1Password Alumni

    As others have mentioned, there are lots of secure ways to get rid of paper. A crosscut shredder is the standard recommendation. (A non-crosscut shredder is insufficient against a resourceful attacker.) And then there are creative ways suggestions, such as pulping the shredded paper and using it in various ways.

    But the question of "temporary" print files is harder. There is no simple answer to this because it depends on your printing setup. Lots of temporary files can be created in the process of getting a file from an application/program to actually pigment on paper. On the Mac, files waiting to be printed live in /private/var/spool/cups/tmp, which would require root access to read. Things would stay there only if there were some problem with the printing, and that directory is not included in normal backups.

    It is also possible under some circumstances for a temporary file to be created in the application cache. This is particularly true if you "Preview" a printout. Again, the storing/clearing of this data isn't managed directly by the application (1Password in this case), but by the operating system. These cache files will be readable by the user and may persist until the application exits. Again, these files are not included in backups.

    So the answer is that you should be the only one in control of your computer when you print confidential information. Someone else who has control of your system, will be able to read what you print. Once everything is printed and the application closes, there should be little trace of the file remaining.

    When those temporary files are removed, they are not removed with "secure delete". That means that for some time after they are deleted, some of the data from them may be recoverable by someone who gets physical access to your hard disk, and examines it for unreferenced data. Exactly how long some data hangs around is hard to predict (it may be substantially longer on Solid State Drives than on spinny Hard Disk Drives), but more and more of the data will be physically overwritten on the disk as the system is used.

    As always, you need to adjust your behavior to your perceived threats. If printing proceeds without a hitch, then the temporary files will be deleted quickly, particularly if the app doesn't cache it. (You can quite and restart an app for clear that cache.) So only if something went wrong with printing, may you need to take steps to clear the print queue. If you don't anticipate that someone will grab your disk and perform block recovery on it shortly after you print, then you should be happy printing things.

  • If you don't mind me asking, why is burning a problem where you live?

    At least in NYS most burning is illegal: http://www.dec.ny.gov/chemical/58519.html

  • RichardPayne
    RichardPayne
    Community Member

    Oh lol. The world's going crazy.

  • Iwouldrathernot
    Iwouldrathernot
    Community Member

    Thanks JP
    I was aware that there was a security issue raised by printing, beyond the hard copy, and was trying to secure it
    good help with the Mac, which has had 1PW printing better than the win versions.
    computers stolen, lost or disposed of without scouring are a concern.
    Counting on the ineptitude of evil doers is comprising a progressively smaller part of my strategies for security.
    Goes with greater watchfulness of the "helpful".

    Thanks again for your pointers

  • AGAlumB
    AGAlumB
    1Password Alumni

    @bwoodruff: I too am partial to fire. Condolences. :(

    @Iwouldrathernot: Indeed. Great discussion here! Most importantly, knowing the risks so you can make an informed decision is key. Knowledge is power! Cheers!:)

This discussion has been closed.