Keeping Secrets A Secret: Stop Sharing Sensitive Information Via Email And Chat

Thomas Spicer
Published in Openbridge
Mar 7, 2017

You only want to share passwords with people you trust, and to minimize any risk when you do. When you send people passwords via email or chat, there are copies of that information stored in places you would not want them to be stored.

There is a more secure option to keep passwords safe. Meet Cloak (https://www.cloak.sh/)

What are examples of account and password information that people share?

There are several situations when people share account information, including passwords:

  • Sharing Netflix, iTunes or Hulu account information
  • Passwords for encrypted zip files
  • Login details for email
  • Account information for social sites like Twitter, Facebook and Instagram
  • Connection secrets, tokens and keys
  • Sharing login information for media, advertising or marketing services like Mailchimp, Salesforce or Google AdWords.
  • Ordering through shared shopping accounts like Amazon Prime
  • Private certificates
  • WiFi access keys and passwords

Why is sharing passwords or other sensitive information via email a bad idea?

Using e-mail to transport any sensitive information is insecure because once the e-mail has left your organization, you’ve instantly lost any control you may have had over it. This creates a few different problems:

  • Sensitive information often sits in a user’s inbox. If the account is compromised, any e-mail containing sensitive information is available to the hacker.
  • A receiving user can forward the e-mail to parties that should not receive that information.
  • There is increased surface area for exposure because the message passes through the servers that sent the e-mail and the servers that received it.
  • There is no governance over retention rules or archiving practices on the receiving side. Information that should have a limited lifespan can potentially live forever on a server with no archiving or deletion practices.

Hacks do happen, just ask Yahoo!

Is sharing passwords or other sensitive information via chat a better choice?

No. Chat apps like Slack or HipChat are a great place to have team conversations, but that doesn’t mean you should treat them as secure for sensitive information. Never use these apps to share secrets such as passwords, sensitive customer data, or valuable corporate IP. Chat services are also available from many different devices, including those whose security settings you can’t control. For example, a user may install Slack on a personal mobile or home computer outside of company protocols. While these apps typically do a good job on security, both Slack and HipChat have had issues in the past. Even if Slack or HipChat themselves are secure, there is also the risk that someone leaves the door to your “chat” house unlocked.

Using Private, One Time Secure Links

Cloak creates a one-time secure link, which means the information only persists for a single viewing. After the link has been viewed, it can’t be read by someone else later. This allows you to send sensitive information knowing it’s seen by one person. Think of it like a self-destructing message that keeps passwords or other sensitive secrets safe. Once you display the message, it is deleted, gone forever.

Here are a few other perks that come with using Cloak for sharing sensitive information:

  1. Delete a secret that has already been created. You “🔥 burn” or delete your secrets. This will delete the secret forever.
  2. Retaining non-viewed secrets: We keep secrets for up to 7 days for anonymous users and up to 14 days for free accounts. After that they are deleted automatically and gone forever. The process is quick: by the time you have read a secret, it’s already been deleted from our servers.
  3. Maximum size of a secret: You can send a fair amount of information with Cloak! The maximum message size is 25KB for anonymous users and 50KB for account holders.
  4. Optional passphrase: If you include a passphrase (available under “Get even more security”), it adds an extra layer of security. We don’t store the passphrase (only a 🐡 bcrypted hash). A recipient of the private link will not learn the secret because it can’t be decrypted without the passphrase. Only when you share the passphrase can it be decrypted and viewed.
  5. Share a password for a protected file: If you have shared a password-protected zip file, don’t share the password via chat or email. A better practice is to send the password via a different channel and in a different context. When you send the file and the password through different communication channels, one via email and the other via secret link, you increase the separation and complexity between the two. This makes reconstructing the link between the file and its password much harder.
  6. A random password generator: You can use Cloak as a random password generator. It will also generate a private link for you to send to a recipient. If you don’t want to use ours, make sure you are using some form of strong password generator for your secrets.
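The lifecycle the list above describes (read exactly once, burn before reading, a retention window, a size limit, and a passphrase that is stored only as a hash) modelled as a small in-memory store. This is an added illustration, not Cloak’s or Onetimesecret’s code; it assumes stdlib scrypt in place of bcrypt and gates the reveal on the passphrase hash rather than encrypting the payload as the real service does.

```python
import hashlib
import hmac
import os
import time
from dataclasses import dataclass

TTL_SECONDS = {"anonymous": 7 * 86400, "account": 14 * 86400}  # retention from the article
MAX_BYTES = {"anonymous": 25 * 1024, "account": 50 * 1024}     # size limits from the article

@dataclass
class Secret:
    payload: bytes
    expires_at: float
    salt: bytes = b""      # non-empty only when a passphrase was set
    pp_hash: bytes = b""   # hash of the passphrase; the passphrase itself is never kept

def hash_passphrase(passphrase: str, salt: bytes) -> bytes:
    # scrypt stands in for the bcrypt the article mentions: both are slow,
    # salted hashes, so only the hash (never the passphrase) is stored.
    return hashlib.scrypt(passphrase.encode(), salt=salt, n=2**14, r=8, p=1)

class OneTimeStore:
    def __init__(self, clock=time.time):
        self._clock = clock          # injectable so expiry can be tested
        self._secrets = {}

    def create(self, payload: bytes, account="anonymous", passphrase=None) -> str:
        if len(payload) > MAX_BYTES[account]:
            raise ValueError("secret exceeds the size limit for this account type")
        salt = os.urandom(16) if passphrase else b""
        pp_hash = hash_passphrase(passphrase, salt) if passphrase else b""
        key = os.urandom(16).hex()   # unguessable token that forms the private link
        self._secrets[key] = Secret(payload, self._clock() + TTL_SECONDS[account], salt, pp_hash)
        return key

    def reveal(self, key: str, passphrase=None):
        secret = self._secrets.get(key)
        if secret is None:
            return None              # unknown, already read, or burned
        if self._clock() >= secret.expires_at:
            del self._secrets[key]   # expired: deleted as if it never existed
            return None
        if secret.pp_hash and not hmac.compare_digest(
                hash_passphrase(passphrase or "", secret.salt), secret.pp_hash):
            return None              # wrong passphrase: secret stays stored, unread
        del self._secrets[key]       # a successful read destroys the secret
        return secret.payload

    def burn(self, key: str) -> bool:  # delete a secret before anyone reads it
        return self._secrets.pop(key, None) is not None
```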

The Openbridge team forked the code used in Cloak from an open-source project called Onetimesecret. We updated a number of core packages, Dockerized the application, added monitoring tools and restyled the user interface. The code is available for all via GitHub.

Give Cloak a try at https://www.cloak.sh/

You can also visit us at https://www.openbridge.com to learn how we are helping other companies with their data efforts.
