Encrypting Passwords with CyberChef
A much better alternative to storing passwords in plaintext
Introduction
The best passwords should be long and random, but memorizing all of them is impossible. The best way I know
to practice good password hygiene is by using a password manager. I use
Bitwarden as my password manager.
I also store some sensitive information in text files and compress them into an encrypted zip file using
7-zip.
The Issue
The thing is, there will be a few passwords you'll need to remember or store outside password managers. For
example, Bitwarden needs a master password, which should be long and strong.
The same applies to the password of the encrypted zip file.
So, now this brings us back to square one. How do you safely store this password? There are a few possible
options:
- Write it down on paper. This is a good way, but the least accessible.
- Save it in plaintext in a text file. This is the worst way possible.
- Set a simple, memorable password as a master password. One with your name or date of birth
in it. 👀 This is worse than storing passwords in plaintext.
So, what's the solution?
The Solution
I think I found a way! To be brief, you can encrypt a single password or a group of passwords using
CyberChef, then store the encrypted output (the ciphertext) and the process of decrypting it in a way
only you can understand.
To be clearer, you can use any of the encryption algorithms available in CyberChef. I will give you
an example so you can understand it better.
- In the Operations column, select Encryption / Encoding. Then select AES Encrypt, and drag
it to the Recipe column.
- Put whatever you want to encrypt (A single password or a group of passwords) in the Input column.
- There are different fields like Key, IV, Input, and Output modes for AES Encrypt. I have yet to learn
about these in detail, but you can follow the steps below.
- In the Key field, you can see HEX. Click on it. Select UTF8 from the dropdown for both Key
and IV.
- Now, the strength of the encryption depends on the length of your key and IV. AES-128 uses a 16-byte
key, AES-192 uses 24 bytes, and AES-256 uses 32 bytes.
- So, you have to use some string with a minimum of 16 characters as a key and IV.
- You will get an encrypted string as output once you set a key and an IV.
- Now, store this and the process in a text file in a way only you can understand.
- Decrypting this ciphertext whenever you need it is quite simple. Just select AES Decrypt, put the
ciphertext in the Input column, and give the key and IV. The original password will appear as the output.
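The steps above, reproduced outside the browser with Node's built-in crypto module as an added example (not part of the original post). It assumes CBC mode with Raw input and Hex output; the helper names and the key, IV and secret are constructed for illustration. It also shows that AES counts the key in bytes, not characters, and that the CBC IV is always 16 bytes.

```javascript
// Added example: AES Encrypt / AES Decrypt with a UTF8 key and IV, hex output.
// Assumptions: CBC mode; helper names below are hypothetical.
const crypto = require("crypto");

// AES picks its variant from the key's byte length, not its character count.
function aesVariant(keyUtf8) {
  const bits = Buffer.byteLength(keyUtf8, "utf8") * 8;
  if (![128, 192, 256].includes(bits)) {
    throw new RangeError(`key is ${bits / 8} bytes; AES needs exactly 16, 24 or 32`);
  }
  return bits;
}

// The CBC IV is always one AES block (16 bytes), whatever the key size.
function checkIv(ivUtf8) {
  const iv = Buffer.from(ivUtf8, "utf8");
  if (iv.length !== 16) throw new RangeError(`IV is ${iv.length} bytes; CBC needs 16`);
  return iv;
}

// Encrypt a UTF-8 string and return the ciphertext as hex (PKCS#7 padded).
function encryptHex(plaintext, keyUtf8, ivUtf8) {
  const cipher = crypto.createCipheriv(`aes-${aesVariant(keyUtf8)}-cbc`,
    Buffer.from(keyUtf8, "utf8"), checkIv(ivUtf8));
  return Buffer.concat([cipher.update(plaintext, "utf8"), cipher.final()]).toString("hex");
}

// Reverse of encryptHex: needs the same key and IV that were used to encrypt.
function decryptHex(cipherHex, keyUtf8, ivUtf8) {
  const decipher = crypto.createDecipheriv(`aes-${aesVariant(keyUtf8)}-cbc`,
    Buffer.from(keyUtf8, "utf8"), checkIv(ivUtf8));
  return Buffer.concat([decipher.update(cipherHex, "hex"), decipher.final()]).toString("utf8");
}

// Constructed sample values, not real secrets.
const KEY = "sixteen byte key";   // 16 ASCII characters = 16 bytes -> AES-128
const IV = "0123456789abcdef";    // 16 bytes
const SECRET = "correct horse battery staple";

const stored = encryptHex(SECRET, KEY, IV);
console.log("store this:", stored);
console.log("recovered :", decryptHex(stored, KEY, IV));
```

A key such as "sixteen byte kéy" is 16 characters but 17 bytes in UTF-8, so it is rejected rather than silently accepted.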
As an additional measure, you can remove the .txt extension, so that your file is not picked up when simple
scripts are run to scrape files with extensions like doc, txt, pdf...