Jump to content
loveworksdotcom

Data Security at the Border

Recommended Posts

In this thread regarding the need for a password re-entry after reboot instead of allowing biometrics (which I agree 100%), one of the posters mentioned the need for greater security when passing through the borders.

 

In my search for a solution, I came across 1passord's travel mode.  I am not now, nor have I ever been a 1password user so I don't know anything about the company.

https://blog.1password.com/introducing-travel-mode-protect-your-data-when-crossing-borders/

 

I realize that Enpass doesn't have a "travel mode" -- but I remember reading about how to remove your enpass vault before you pass through borders/immigration and then re-sync it when you are safe.

Would somebody with better information, experience or knowledge about how this works explain to me, in specific steps, how I would accomplish this safety method when crossing borders.  I travel internationally all the time, and I am more concerned about opening my passwords up to scrutiny and possible exposure.

 

Share this post


Link to post
Share on other sites

You can create a travel mode yourself:

Keep all important information only in an extra vault. The default vault contains nothing (or just passwords that you want to share with the border official ;-))

The extra vault should have a different password than your default vault. Do not store this password in your default vault (or delete it before traveling).

Only this extra vault is synchronized with the cloud. Best with an anonymous webdav server, that can not be associated with you. The iCloud is not so good because it's tied to the Apple ID, that you can look up in the phone, so the border guard might ask for the Apple ID password, searching and finding your extra vault there and will ask for this password too.

Also on all other devices (desktops, pads, telephones, etc.): the standard vault contains only a few unimportant passwords or remains completely empty. All devices synchronize the important data via cloud with the extra vault.

If a device is to be taken over the border, then the extra vault and the sync with the cloud must be deleted.

Only the standard vault - containing only unimportant passwords or fakes - remains on the device.

After successful border crossing, the sync to the extra vault on the (secret) webdav server can be restored and the extra vault restored to the device.

By the way, there is a big security advantage to synchronize all data only via an additional vault: The extra vault can be protected by a very complex password! It rarely needs to be entered, for example only after a border passage, when the sync is reestablished. A complex password protects the data, if the extra vault in the cloud should fall into the wrong hands. On the local device the password for the standard vault will also open the extra vault (unless it has just been deleted because of a border passage). The password for the default vault could be easier to type, because it is needed more frequently.

And you can use different passwords for the default vault on any device. Some passwords easy to type on a desktop-pc are very unconfortable on a small iphone for example

Edited by Fabian1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...