Episode: 1834
Title: HPR1834: Password Cards
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr1834/hpr1834.mp3
Transcribed: 2025-10-18 09:54:05

---

This is HPR episode 1834 entitled Password Card and in part on the series Privacy and Security
It is hosted by John Culp and in about 8 minutes long
The summary is how to hide a password using a Password Card
This episode of HPR is brought to you by An Honesthost.com
Get 15% discount on all shared hosting with the offer code HPR15
That's HPR15
Better web hosting that's honest and fair at An Honesthost.com
Hey everybody this is John Culp and lefty at Louisiana and I am recording a response
episode to a hookah's episode 1810 about the hacking of last pass and its implications
I got some positive feedback about the environmental sounds of my episode about headphones
when I was walking to work and so I'm recording while sitting outside in my carport this morning
I think it's early enough where my neighbor's air conditioner will not kick on
and at the moment all I hear are birds singing so it's kind of nice we might hear a car
go down the road toward the apartments here in a moment but for now it actually sounds pretty good
So I thought I would follow up on one of the things that a hookah mentioned
that you can do as a safety precaution I suppose if you want to have a very strong
password that you can't necessarily remember he suggested writing it down and putting it
in your wallet and this is something that I do although I don't just write down the password
and put it in my wallet I use something called a password card password cards I don't remember
when I first heard of the password card but it must have come across my GNU social timeline
or some other social media a couple of years ago but if you go to a website called passwordcard.org
it automatically the first time you go there generates a password card for you
and a password card is a little card about the size of a business card with a whole lot of
randomly generated characters numbers and letters and so forth and the idea is that you
choose a password from somewhere in this large block of randomly generated characters and it has
some different color codings and symbols color coded rows and symbols across the top to help you
remember where your password starts and where it ends and the idea is that you can hide your
password in plain sight securely because you are the only one who knows how many characters your
password has and also where it begins and ends on the password card so I printed out one of these
I think only one of my passwords is actually chosen from this card the downside is that
you would have to create you would have to change your password to something that is on this card
now I don't use last pass I use key pass for my password vault and that's different from last pass
in that your passwords are not stored on a server remotely they're stored locally in an encrypted
file and so you have to put your encrypted file well I mean you could put it somewhere else you could
put it on a in a drop box share or on a own cloud share or some other place like that but I choose
to keep the password file locally on each of my devices and if I add a new password or change
a password then I simply have to send the new password database file to all of my devices and update
it there but the idea is and by the way I like key pass because it works on Linux, Mac, Windows,
Android, iOS and I have used it on all of these platforms and it works wonderfully but there's
there's one password that I actually keep in my wallet on a piece of paper and it's because
every once in a while when I'm on campus in other buildings where I don't have access to my own
computer I may have to log into a network share on the system
pardon the noise of the truck there and I could unlock the password database on my phone
and find my password inside the key pass app that way but I have one my my university password I keep
on a password card in my wallet so that if I need to log on to one of these computers on campus
in a pinch I can get that out of my wallet and have the password in front of me now for that
password I actually created my own password card by using a Linux package called PWGIN
PWGEN is the package name and I will have an example in the show notes showing how to tell it
that you want to have special characters and how many character how many characters long you want
each password to do to have excuse me but you you can use PWGIN to generate a whole list of
passwords like it I think by default it generates something like 60 passwords at a time and
so you take the password that you want to save in your password card and simply embed it somewhere
in that big jumbled list of passwords in a way that only you will know where it begins and ends
and so that way you can keep your password in your wallet written down
but it's a little bit more secure than simply writing down the password all by itself
I suppose you could even tape the password to your monitor using one of these password cards
although I think I would not advise that that's I mean you're you're essentially giving someone
the character set that contains your password and somebody with the right tools would be able to
hack it much quicker that way so anyway I I encourage you to go at least check out passwordcard.org
maybe print yourself out a password card I have one and I laminated it so I keep that in my wallet too
think maybe one of my email account passwords is on that one I don't keep the keys to the kingdom
on this password my the password that unlocks my password database is one that I have memorized and
it is a fairly secure password it's not human memorable I just forced myself to memorize it
and so that one I don't keep written down but the one for my university accounts I do but it's
buried deep inside a password card so there's some level of security there all right I think
that's it thank you for listening I will talk to you later bye
you've been listening to Hacker Public Radio at Hacker Public Radio.org
we are a community podcast network that releases shows every weekday Monday through Friday
today's show like all our shows was contributed by an HBR listener like yourself
if you ever thought of recording a podcast then click on our contribute link to find out
how easy it really is Hacker Public Radio was founded by the digital dog pound and the
infonomican computer club and it's part of the binary revolution at binwreff.com if you have
comments on today's show please email the host directly leave a comment on the website or record
a follow-up episode yourself unless otherwise stated today's show is released on the creative
commons attribution share a light 3.0 license