Hacker News new | ask | show | jobs
by rocqua 3344 days ago
The private key can be encrypted by a password, presumably this encryption is done client-side.

This means the data is also secure in their datacentre at rest. That is, until you provide backblaze with your password to actually access your data.

Essentially, until you need the data that is backed-up, no-one can get to it.
1 comments
jlgaddis 3344 days ago
My SSH keys are also protected by a passphrase, but you certainly won't find me uploading them to the Internet.
link
rocqua 3344 days ago
If it uses pbkdf2 with sufficient rounds and a decent password (say 5 words from diceware) it should be perfectly safe to upload the keys.

Better to keep them offline and keep ownership of the key as a second factor certainly, but encrypted keys can be a fully acceptable single factor.

link