
BLU Discuss list archive



[Discuss] encrypted linux systems



On 01/28/2014 11:39 AM, Edward Ned Harvey (blu) wrote:
> Also, last I knew, [Truecrypt] uses a 16,000 round key derivation
> function, which is wildly insufficient to protect against offline 
> brute force attack. You need to select a very long, highly entropic 
> password. As they suggest, no less than 20 characters. 

Even with password hardening, I would suggest a good passphrase for any 
encryption key you care about.

For a Linux machine you might not be booting it very often, so a long
passphrase doesn't *have* to be that much of a pain.

Write down most of it, remember a shorter portion of it.  Don't store 
the written down part with the computer you are protecting. If someone 
finds the written down part, and knows what it is, you would be no worse 
off than if you only used the shorter portion and relied on strengthening.

-kb



