Can anyone break my TrueCrypt password?

Discussion in 'privacy technology' started by truthseeker, Oct 15, 2008.

Thread Status:
Not open for further replies.
  1. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I created a Truecrypt container, which has a password that is 18 characters long. My password contains spaces, numbers and letters. It doesn't use the keyfile option, it just has a password.

    My question is...... If someone steals my laptop, is anyone able to break that password and access my files that are stored inside the TrueCrypt container?
     
  2. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,415
    Location:
    U.S.A.
    According to this article Password Recovery Speeds, a Class C Brute Force Attack (1,000,000 Passwords/sec), using mixed Alpha, Numerals & Symbols, would take 229 years to break an 8 character long password. Even at a Class D (10,000,000 Passwords/sec) attack, it would take 23 years to break that same length password. You are using 10 more characters than that. IMO, you're safe.

    Unless you work for the FBI, CIA or NSA, nobody is going to hang around that long to see what you might have in your laptop. But if you work for them, someone would probably use a supercomputer (1,000,000,000+ Passwords/sec) on your system and then you're toast in a few months. ;)
     
  3. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    LOL :argh: In a few months, if my laptop was stolen, I would have changed all my netbanking passwords etc, so even if they broke into my TC container after a few months, the information would be useless to them as I would have changed all my login and password details the minute I realised it's been stolen or accessed.

    Thanks for the time you invested into answering me, I really appreciate it :thumb:
     
  4. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,415
    Location:
    U.S.A.
    You're welcome, thruthseeker.
     
  5. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    :D :D :D I would use approx. 30+ char long password. That is also too much for secret service.:D :D :D But this paranoia level is only half as insane then the 60+ of government guys.
     
    Last edited: Oct 16, 2008
  6. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Your TrueCrypt password/access may be accessible without having to break it.

    As an example, here is one gentleman I know in this capacity who has done just that thing in the past.
     
  7. DavidXanatos

    DavidXanatos Developer

    Joined:
    Sep 6, 2006
    Posts:
    2,319
    Location:
    Viena
    That BIOS bug is fixed in TC since ages.
     
  8. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Now I feel like a sucker using 63 alphanumeric WPA Key :ninja:
     
  9. stap0510

    stap0510 Registered Member

    Joined:
    Aug 5, 2008
    Posts:
    104

    From what I understand, this issue is non-existent in the currect version 6.0, and has been solved.
    Feel free to correct me, if i'm wrong.
     
  10. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    That is for version 5. But I am using TrueCrypt version 6.0a

    Are you hinting that this issue is applicable for versions after 5? :blink:
     
  11. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I noticed you refuse to answer when you are not able to backup your claims
     
  12. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    11,126
    Location:
    U.S.A. (South)
    That was the "PAST".

    Care to offer some evidence by way of link or other article to confirm that claim on today's latest versions of TrueCrypt?
     
  13. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    Steve, at least do the right thing and reply. Even if you have to admit your comments are in err, post a reply.

    And if this issue that you mention applies to version 6.0a, then I want to know about it. So do you have any evidence of it?
     
  14. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    hahaha:D :D :D No need to worry just stay relaxed. :D :D :D
     
  15. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    truth seeking can be very annoying ;)
     
  16. truthseeker

    truthseeker Former Poster

    Joined:
    Jan 26, 2008
    Posts:
    977
    I disagree. Truth seeking is wonderful, because I love the truth.
     
  17. Leonid

    Leonid Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    42
    Guys, think about it. Password length & complicity will not make you safe. You have to hide the fact that you are encrypting. If the authorities know that you are encrypting and have a reason to find out what are you up to....it is very likely that they would get you. If they have resources and capabilities. They can simply get into your house when you are away, install hidden cameras, and that would be it. You won't even know it. Untill they knock on your door with the court order to read your rights and drive you away for interrogation. :eek:

    However, it is highly unlikely. But, as said, if they have a reason to catch you, don't have any doubts, you will not get away. So, think about it, if you are not doing anything seriously illegal, you don't have any reason to worry about. Your wifes, mothers, neighbours, don't have capabilities to catch you. They don't even know what they need to do to catch you up. The authorities are a different story. If they are advanced enough, 64 characters, extremely complicated combination, high entropy, cryptographic strength, nothing will help.
     
  18. crofttk

    crofttk Registered Member

    Joined:
    May 15, 2004
    Posts:
    1,979
    Location:
    Eastern PA, USA
    LOL, why deploy all the high tech and get the judge out of bed if all they are doing is stealing the guy's laptop as was the hypothetical posed by OP?
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.