Overview
------------
We've all done stupid things in our lives. As programmers, we tend to do stupid stuff on our computers. One of those stupid things may be storing passwords in files on your computer.
We all have reasons why we may have done this: maybe we "needed" to add those passwords to make a program work, or we wanted to save ourselves time by making a program that automatically logs into certain websites to scrape information.
Don't Store Passwords On Your Personal Computer
------------------------------------------------------------------
A good rule of thumb is to not store your password anywhere on your local computer. Personal computers are very vulnerable because of random stuff we download, sketchy sites we visit and a large number of other things, which makes it easier for hackerz to gain control of your computer or log in as you. Anything you can view on your computer, whoever gains access to your computer can view as well. So any passwords you have on your computer will be compromised without you even knowing it.
How to Fix This
---------------------
What you should do is search your computer and find all of the passwords that you use to log into websites/bank sites and any other important things, like social security numbers, and remove them. In order to do this without your computer recording the command, type this command (MAKE SURE THERE'S A SPACE IN FRONT OF IT) in your terminal:
 grep -r "<your_password_you_want_to_find>" /
Make sure you replace <your_password_you_want_to_find> with the password you are trying to find on your system. Here's an explanation of what this command does:
- space at the beginning - The space at the beginning tells the terminal not to record this command in your bash history (in the ~/.bash_history file). You'll want to be sure this will work first by issuing the command "echo $HISTCONTROL" in your terminal. The output you want to see is either "ignoreboth" or "ignorespace". If neither of those is the output in the terminal, then you'll want to set that variable like this: "export HISTCONTROL=ignorespace"
- grep - This command is the standard search in unix. It searches for the word/phrase given to it.
- -r - Recursively look in all directories that you specify. This makes grep descend into every directory inside the folder you specify, so you can search the entire system.
- "<your_password_you_want_to_find>" - This is the word/phrase that is being searched for. If you want to find variations of a password, you can make this into a regular expression.
- / - This makes the command start at the root directory (the top-level directory that contains everything else) so that you can search the entire computer.
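An added example, not part of the original guide, that goes one step beyond the command above: it reads the password from a hidden prompt and feeds it to grep on stdin, so it stays out of the bash history and out of grep's command-line arguments, and it prints only file names. The function names `find_secret_files` and `prompt_and_search` are made up for this sketch, and it assumes bash and GNU grep.

```shell
# find_secret_files DIR
# Reads the secret from stdin and prints the paths of files under DIR that
# contain it. grep takes the pattern from stdin (-f -), so the secret is not
# part of grep's arguments, which other local users can read with ps.
find_secret_files() {
    local dir="$1"
    # -r  recurse into subdirectories
    # -l  print only the names of matching files, never the matching line
    # -F  treat the pattern as a fixed string, so ".", "+", "$" are literal
    # -s  suppress "permission denied" / unreadable-file messages
    # -D skip  do not try to read devices, FIFOs or sockets
    # "|| true" keeps "no match" (exit status 1) from aborting a set -e script
    grep -rlFs -D skip -f - -- "$dir" || true
}

# prompt_and_search [DIR]
# Interactive wrapper (bash only): read -s does not echo what is typed, and
# text typed at a prompt is never written to ~/.bash_history.
prompt_and_search() {
    local secret
    read -rs -p "Password to search for: " secret
    echo
    # An empty pattern would match every line of every file, so refuse it.
    [ -n "$secret" ] || { echo "empty input, nothing searched" >&2; return 1; }
    # printf is a shell builtin, so the secret does not show up in ps either.
    printf '%s\n' "$secret" | find_secret_files "${1:-$HOME}"
}

# Usage after sourcing this file:  prompt_and_search /
# With no argument it searches your home directory.
```

Searching your home directory first is much faster than searching /, which also walks virtual filesystems such as /proc and /sys.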
Removing the Passwords
--------------------------------
Once the grep command finds all of the occurrences of your password, you need to go into each file and remove the password.
Conclusion
--------------
Removing passwords from your computer is important to ensure your security from hacking attacks. Some passwords for things like websites or databases you create may need to be stored on your computer, but you should never have to store things like your email password or social security numbers on your personal computers.
Resources
-------------
- http://stackoverflow.com/questions/8473121/execute-command-without-keeping-it-in-history
- http://www.thegeekstuff.com/2008/08/15-examples-to-master-linux-command-line-history/
NOTE: This guide is currently in rough draft form and could be improved with clearer instructions and pictures. If you would like it to be more in depth, I will be extremely happy to improve on this, all you need to do is ask in the comments and I will do it asap (I just don't want to spend forever on something no one reads and/or cares about).