My take on that is: Thou shalt not utter passwords but inside thyself. At the moment sensitive information is on display, that display becomes a location inside thyself which thou shalt not reveal. Since that information propagates through your computer memory via X cut buffers and what not, your whole box is to be treated as being inside thyself, once a security token has been accessed. So you must keep it from utterance, and the only safe way to detach your responsibility from that box is turning it off (provided it's disks are encrypted and the swapspace is disposed of properly at shutdown).

In short, it's not a matter of memory destruction but of perception. Security is about awareness, not about a particular device, much the same as firewalls aint software or appliances, but concepts.

Even if I provide for my colleague to encrypt proper all their data with unbreakable ciphers, I cannot prevent them from shouting in the mall.

That said, your approach seems safe to me (for some value of safe ;-) which doesn't mean it could not be improved...

--shmem

_($_=" "x(1<<5)."?\n".q·/)Oo.  G°\        /
                              /\_¯/(q    /
----------------------------  \__(m.====·.(_("always off the crowd"))."·
");sub _{s./.($e="'Itrs `mnsgdq Gdbj O`qkdq")=~y/"-y/#-z/;$e.e && print}