Managing the Master Keyfile

 Top  Previous  Next

In order to strike a balance between convenience and security, mircryption uses the following strategy: each time you quit and restart mirc, and then first send or receive text from a channel you have indicated should be encrypted, you will be asked for the master keyfile passphrase.  Even if someone gets access to your files, they will not be able to use your keys without you telling them the master passphrase.

 

This means that you will not be asked for the master passphrase until it is needed, and it means that the master keyfile, containing all your channel keys, is kept on your harddrive in an encrypted state.

 

Remember your master keyfile passphrase! If you forget it you will need to delete the MircryptionKeys.txt file in your mirc directory in order to delete all stored channel keys.  Backup your encrypted keyfile occasionally if you need to.

 

If you feel confident that your local machine is secure, there is a feature to let you store your master passphrase in a mirc file and not enter it each time.  You can do this by adding a line to your alt-R variables list:

 %mc_keypassphrase YOURMASTERPASSPHRASE

Where YOURMASTERPASSPHRASE is the passphrase for your file.  If such a variable is found, it will be used instead of you being asked. You can delete this variable line to resume being asked.

 

WARNING!!!

 

Keep in mind that if you do hardcode your master passphrase in this way, and someone were to get access to your mirc files and your MircryptionKeys.txt file, then they would be able to use these keys to send/receive encrypted traffic on all those channels just as you do.

 

You can instruct mircryption to ask for passphrase at start and not allow mirc to connect to any server at all untill the proper passphrase is entered.  Do this by adding the following to your alt-r variables:

 %mc_requirespass yes

Note that anyone who knows how to edit mirc scripts can bypass this.  To disable, go to Tools->Remotes->Variables, and change value to no.  It simply adds a thin layer of protection to keep out casual lookyloos.

 

If you have multiple mirc installations on the same computer, you can set them to all use the same MircryptionKeys.txt file.

In each mirc, set the alt-R variable %mc_keyfile to the full path name of the single MircryptionKeyts.txt file you wish to use.  Note that mirc seems to dislike long paths with spaces, so you have to use the short (8 character) version, or put MircryptionKeys.txt in your c:\ or c:\Windows directory if you dont know how to do that.