TransWikia.com

Hardware components based on which to generate password

Information Security Asked by Geo M on December 10, 2021

I want to generate a password for a Keystore in java on Windows platform.

I would like to make a HASH out of some hardware information from my computer and some salt.

My question is: which hardware or system information i should use for my password generator? I want something that is 100% guaranteed it does not change so i can generate the same password over again. This way i don’t lose access to my data.

Thank you!

hardwarejavapasswords

2 Answers

On windows, you can use the DPAPI to protect your keystore and ensure that the data can be decrypted only on the machine on which it was encrypted (or if you want, by only the user that encrypted it).

This will be a more straight forward approach than trying to generate a hash out of hardware information, will provide the same (or better) degree of security and will have less chances of making a mistake and would also avoid the problem of hardware changes resulting in data loss.

Answered by nobody on December 10, 2021

  1. If you were on Linux, you could simply query /dev/urandom to get the random value without carrying about what the source of the randomness exactly is. But yes, the device will use noise generated by the devices to increase the entropy.
  2. On Windows you may use the Windows equivalent: https://stackoverflow.com/questions/191335/windows-equivalent-of-dev-random
  3. But you may also use everything else that is meant for crypto purposes. You have tagged your question with [java]. In Java you may use the SecureRandom class. The output is unpredictable and this should be the most important concern regarding a random number generator.

Answered by Marek Puchalski on December 10, 2021

Add your own answers!

Ask a Question

Get help from others!

Recent Questions

Recent Answers

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP