Thanks to tomas, Roberto, and likcoras! All good points! I'm embarrassed to admit that I hadn't thought (at least to the best of my recent recollection) of the need to encrypt swap--that's something I'll want to deal with soon.
On Monday, April 02, 2018 09:15:08 AM to...@tuxteam.de wrote: > On Mon, Apr 02, 2018 at 09:07:16AM -0400, rhkra...@gmail.com wrote: > > Just continuing to think (or maybe not think ;-) about password managers > > / > > [...] > > I don't know of the others (I never felt the need for a PW manager > myself) but... > > > * during hibernation (or maybe suspend and resume): (I use neither at > > the > > > > present time, but, one stores the machine's state (including RAM) to > > disk, the other stores the (CPU) state to RAM while preserving the other > > contents of RAM.) Hibernation could result in the plaintext of > > passwords being stored on disk while the power is off, making the > > plaintext passwords vulnurable if the machine is stolen. > > ...that would be why, should you suspend to disk and care about privacy, > you'd put your swap onto an encrypted partition (not only passwords are > vulnerable -- many things in RAM like unlocked private keys, session keys > etc. are potential targets). > > Cheers > -- tomás