Passwords should be changed like socks, “whether you need to or not.” If an individual has a large number of passwords to change, human frailty and normal tiring can result in bungled changes. If one has to keep track of separate passwords for email, facebook, twitter, paypal, dropbox, amazon, newegg, netflix, apple ID, chrome toolbar, on line banking, to name a few, even a private individual can turn to a password database utility.
To compensate, one can use the following procedure.
- Burn the password database to optical media, so that it cannot be modified.
- Mount the magnetic copy.
- Change passwords just as you would normally do so, until that unfortunate moment, when you are temporarily “locked out,” of an account.
- Do NOT change the new password in the magnetic copy.
- Save and unmount the magnetic copy, and mount the optical one, with the unchanged list of old passwords.
- Login to the account in question using original credentials.
- Paste the old password to notepad if needed.
- Unmount optical media database, and mount the magnetic copy again.
- Update password as you normally would do so.
When you have finished, it is natural to update the database “key,” and burn a static copy of the new database to optical media. This prevents loss by hackers or A.P.T. deleting the password database file. It is worth noting that even though the optical copy cannot be deleted, it CAN be copied surreptitiously for other attacks.
In a similar way, although thumb drives/flash drives cannot be write protected, SD Cards have a physical write lock, if this can assist your implementation.