How can I securely store and access a backup passphrase?

This requires re-using the same password over and over as if you do one backup a week, you’re never going to be able to memorize all of those.

Not re-using passwords is one of the foundational pillars of good password security.

1 Like

You may be interested in a different approach to passphrase management:

Can this run in dom0? If it has to run in an AppVM, it then creates the same problem: how to copy/paste from it, to dom0 (or necessitating transferring a file - with the password in plaintext - into dom0)

1 Like

Wow. AI absolutely trounced you guys. From writing the prompt to solved in under 5 minutes. What a time to be alive.

For my own security, I’m not going to reveal my prompt or what it told me, but if you just ask your favorite chatbot how to do this, and you are Qubes and tech savvy enough to understand what it’s telling you to do, and the security implications of that, it should be pretty easy to solve - correctly and safely.

Obligatory disclosure: yes, I understand AI makes mistakes. yes, I understand it’s not perfect. yes, i understand all of the other things a certain kind of person just can’t wait to ‘teach’ me about AI right now. but the fact of the matter is, it is hanging from the rim right now laughing at this thread vs what it just told me and the solution to my problem that i now have.

1 Like

So are you just going to create a topic without providing a solution for others to benefit from, instead having them rely on trusting AI to solve their own dom0 use cases?

If LessPass can be trusted (I have no idea) and it can be used at the command line (I also have no idea) then it would probably work fine for this. If not, then find a password manager you trust and use it at the command line.

1 Like

That warning doesn’t mean it’s “obviously a horrible idea,” though. It’s just to inform the user, since some users may not like it, or it may not fit their threat model. If it were “obviously a horrible idea,” then why would the Qubes backup GUI even include it as an option? In other words, why would the devs go out of their way to give users a button if they believed that users should never press the button?

1 Like

“I want to use Qubes more securely”

Humans: “Nah it’s fine, you don’t need more security”

AI: “Here is how to do it”

AI wins.

1 Like