JDPFu.com 2024

Back Up Your Password Manager DB

If you did start using a PM, then you probably also knew to back it up to different computers, USB drives, Flash drives and get it off-site to your work PC or web server or even to an off-site backup service like Dropbox, Carbonite, S3, or even a friend’s house. Password Managers store the database encrypted (PM-DB), so if your pass phrase to access the DB is strong enough, then you are willing to post that DB pretty much anywhere without concern. Right?

As long as you’ve gone to any trouble to backup your PM-DB, and you probably carry a copy with you on a Flash drive, then you might as well use this DB for lots of other things too. Ok, enough of the preliminaries. What else can you do with a password manager?

Uses for Password Managers

Password managers allow storing text, images, blobs of data, whatever. You can enter any keywords that you like to help you locate or search for the record later. KeePassX provides full text search for every field (except the password) and I suspect the other PMs do that too. KeePassX also has expiration dates that can be used for all sorts of things.

You can store

1. Computer Passwords – obviously
2. Hard disk encryption keys
3. GnuPG / x.509 PKI Certificates for encrypted communications
4. Software license keys / renewal dates
5. Serial numbers for software, hardware, TVs, anything you may need to file an insurance claim later
6. Frequent Flier Numbers and passwords
7. Credit Card numbers, exp, verification codes AND 800 numbers (lost or stolen)
8. Contacts for rental cars, hotels, airlines that you use; you do have a go bag right?
9. Bank Account numbers, PINs, websites, and other access needs like all those stupid personal questions that banks ask to help you prove that you are you. I always lie on those so somebody who knows how to look that data up won’t gain access.
10. Important Addresses – think of all your family members contact information that basically never changes – it would be good to have that even if your cell phone dies, right? You don’t need every contact, just those 10 emergency contacts.
11. Insurance accounts
12. IRA accounts
13. Brokerage accounts
14. Government ID accounts (SSN, Tax ID, business EID, military ID)
15. WPA and other network access keys – for yours, work, friends and family who you visit
16. TiVo Media Access Key – so you don’t have to search for the MAC to get access to your TiVo again
17. Website passwords
18. Warranty expiration dates
19. Scanned images – receipts for important/costly items until the warranty + whatever protection your credit card adds (2x or 1 yr extra)
20. Health insurance data
21. Marriage license / Domestic partnership – imagine you are in the hospital because your partner has been injured but your last name isn’t the same due to professional reasons. Will the hospital allow you to make life or death decisions for your loved one without proof?
22. Any professional licenses – PE#, Dr license#, etc.
23. Proof of any certifications you may have earned
24. MAC address for your network cards – this is getting a little nerdy.
25. Any numbers/accounts for customer loyalty programs
26. QR-Codes for important items – perhaps even the image.
27. Text files with anything you like. For example, I used to have a text file with all my different accounts, passwords, telephone numbers. Rather than immediately create an entry for each, I just copied the entire file into the DB and saved it.
28. Famous quotes that you like.
29. Airbills, FedEx tracking, USPS tracking numbers, specialized shipping (with expiration dates)

If you are traveling outside your home country, you may want to add these items to your PM-DB too:

1. scan of your passport
2. scan of your immunization records
3. scans of visas that you had to get prior to leaving your country (mainland China visas).
4. Travel insurance policy numbers and contacts
5. Itinerary
6. Embassy locations and phone numbers around the world for your country
7. Hotel information for each different location you are visiting (name, address, phone number, reservation/confirmation number, you’ll want this on paper too (there is a story)

Since you have this encrypted database that will hold pretty much anything, why not use it?

Sure you can store lots of this information outside the DB, but will you

• back it up
• put it on 3+ different physical devices
• be able to easily grab 1 file and go
• maintain it, removing old data
• worry that something personal will get out
  All good questions. For me, having them inside a password DB is just easier.

I have 1 system that is my master password DB and that DB is automatically replicated daily all over the place. I only make updates/changes on this one system and no place else.

Other Ideas

If you need to mix account data for work/business and home, perhaps having 2 different databases would be a good idea. If you need to share accounts/passwords with others in your organization (server root passwords, router passwords, managed switches, DNS servers, etc), you may want to place those into a separate DB that gets shared and automatically replicated to only the specific people who need to know. For these types of shared databases, you probably want to use a highly secure, long, random 55+ character, pass phrase (which I’d store in my personal KeePassX-DB).

Obviously, you don’t really want to share root passwords in this way, there are better ways to control root access, but perhaps the CIO for a company should have a copy for emergencies?