this post was submitted on 22 Apr 2024
28 points (100.0% liked)


I rely on Bitwarden (slooowly migrating from... a spreadsheet...) and am thinking of keeping a master backup to be SyncThing-synchronized across all my devices, but I'm not sure of how to secure the SyncThing-synchronized files' local access if any one of my Windows or Android units got stolen and somehow cracked into or something. I'm curious about how others handle theirs. Thanks in advance for sharing!

[–] [email protected] 9 points 7 months ago (1 children)

> if any one of my Windows or Android units got stolen and somehow cracked into or something.

This shouldn't be a concern if you're using disk encryption and secure passwords, which is generally the default behaviour on most systems these days.

On Android, you don't need to worry about anything as long as you've got a pin/password configured, as disk encryption has been enabled by default for like a decade now.

On Windows, if you're on the Pro/Enterprise edition, you can use BitLocker, but if you're on Home, you can use "device encryption" (which is like a lightweight BitLocker) - but that requires a TPM chip and your Windows user account linked to a Microsoft account. If that is not an option, you could use VeraCrypt instead, which is an open-source disk encryption tool. Another option, if you're on a laptop, could be Opal encryption (aka TCG Opal SED), assuming your drive/BIOS supports it.

TL;DR: Encrypt yo' shit, and you don't need to worry about your data if your device gets stolen.

[–] [email protected] 2 points 6 months ago (1 children)

Do not do anything in this post until you have backups that you know run and work.

Device encryption is fantastic.

[–] [email protected] 1 points 6 months ago (1 children)

I'm mortified to say I could certainly do more in this regard. Do you recommend a preferred method?

[–] [email protected] 2 points 6 months ago (1 children)

What matters is that the backups are done at the appropriate intervals and verified to be readable.

You can figure out what interval is appropriate. Some people have to make sure every picture is saved, some people are fine losing a month of stuff.

Verifying the backup is valid is equally important. You don’t wanna find out it was misconfigured and didn’t get your user directories when you try to restore. Just open one up and look to see every once in a while.

At least fifteen years ago you could set up Windows backups through the control panel > backup or something menu. Now on 10 it’s settings > updates and security > backups.

You can click add drive from there and designate a usb or something as your backup drive.

Then set an alarm to make sure you remember to do it at the designated interval.

With Android the easiest thing is to sync it to a computer that gets backed up.

You can use cloud services instead of a hard drive too, but often simple and easy to understand is the best place to start.

Do you know why it’s important to have backups before using full disk encryption?

[–] [email protected] 1 points 6 months ago (1 children)

Right, I can imagine that I could lock myself out otherwise. Thanks for the walkthrough!

[–] [email protected] 1 points 6 months ago

The lockout I see most often isn’t from people forgetting a password or key, but from motherboard failure with a key stored in the motherboard’s TPM or CPU.