Securely synchronize passwords and other sensitive data via Dropbox and other online storage services

With all the buzz about LastPass and other services you can use to help managing passwords and login information for all the websites you visit, I wanted to share my way of accomplishing the same.

There are now LastPass plugins for all the major browsers out there, Chrome, FireFox and Opera, and even mobile devices.

Im not saying LastPass is no-good, it looks like a nice piece of software.

But, I don’t want to store my passwords at any 3rd party, even though I know LastPass uses encryption.

My main browser over the last 6-7 years (version 7.something) is Opera. Opera have a feature called Wand which can remember your passwords when you sign in to websites, and it will let you log in automatically by pressing the Login key or Ctrl+Enter.

Finding the Wands password file

The wands remembered passwords are stored in the “Opera directory”, which you can find by entering opera:about in the addressfield, and pressing enter.

On my computer this directory is:

C:\Users\<username>\AppData\Roaming\Opera\Opera

In this directory there is a file called wand.dat which keeps all your passwords.

If anyone gets hold of this file, they can use all your passwords and logins…

The plan

Now, this file can easily be moved to some other directory, or even harddrive, so here is what we are going to to:

  • We use TrueCrypt to create a small file container with about 1 or 2 MB storage, this should be enough to put our wand.dat file into this container and storing it safely
  • This TrueCrypt volume is set to be automatically mounted at system startup, you then need to enter your password for this container before you can use the wand file (and your passwords) in Opera
  • When you are done browsing, you unmount the truecrypt volume.
  • You can then put your TrueCrypt volume inside your Dropbox folder, so it will be synchronized to, say, your other computer.

Creating the encrypted file container with TrueCrypt

If you don’t have Dropbox installed (or some other synchronization service) download and install it.

  • Download and install TrueCrypt
  • There is a good tutorial here on how to create a TrueCrypt standalone volume, follow through the tutorial.
    You can create a volume of 1 MB, and create the file inside your Dropbox folder so it can easily be synchronized.
    Also remember to use a strong password consisting of as many upper and lower characters, numbers and symbols as possible.
  • When you have done the tutorial, and you have your TrueCrypt volume mounted, go to the menu Favourites -> Add mounted volume to favourites
  • Then go to Settings -> Preferences and Enable “TrueCrypt Background task” and “Start truecrypt background task upon logon to Windows” for automatic start and mounting of your favourite volumes.  Uncheck “Preserve modification timestamp of file containers” so Dropbox can see that the TrueCrypt volume has changed, and upload it to your Dropbox.  Maybe you want to alter the “Auto-Dismount” settings a bit too, these settings depends on what you prefer; security vs convenience

Now that our encrypted volume is set up, mounting and unmounting works, and the file container is beeing synchronized with Dropbox, we can move our Opera password file into it.

Moving the wand.dat password file into the encrypted container

opera config osv, bruke fast mount point bokstav

Actually, we don’t move it yet, we copy it first, for security reasons, so we don’t screw things up if anything goes bad, or if you don’t remember your password.

  • Copy your wand.dat password file into your newly created TrueCrypt volume, say it is mounted at the letter X: (you should settle on one letter, since we are telling Opera that your file is located at that path)
  • In Opera, enter opera:config in the address bar and search for “wand”
    (or go there directly by entering opera:config#UserPrefs|WandStorageFile in the address field and hitting enter)
  • Select the "Choose" button and browse to your mounted volume at X:\wand.dat
  • Hit “Save” and restart Opera

You should now be browsing with Opera using the password file from the encrypted volume.

Testing if it works

To test if it is set up properly, move the wand.dat file in your original folder ( C:\Users<username>\AppData\Roaming\Opera\Opera\wand.dat ) to your desktop or some other folder. Then restart Opera. Can you use the Wand to log in to your websites now? (Yes you should, since Opera now uses the wand.dat in the encrypted volume).

If you dismount your encrypted volume, and open Opera, can you log in to websites now? (No, you can’t)

How to use this setup

The encrypted volume is set to auto-mount at computer start up, you will then be prompted for your password.

  • Whenever you need to use your Wands passwords in Opera:
    Mount the encrypted volume, start Opera.
  • When you are done browsing, and don’t need your Wands passwords:
    Close Opera and dismount the encrypted volume.
  • When you want so synchronize your volume (and your Opera passwords):
    Dismount the volume, start Dropbox.

Other ways to use a TrueCrypt volume

Ofcourse, you can use this encrypted volume for more than just your Opera settings file, you can safely store your other sensitive data in the same volume.

Every file you want to synchronize or keep on your multiuser laptop, and still keep the data private, just put it in the volume.

Please share this article!

comments powered by Disqus