What Truecrypt password should I use?

Discussion in 'privacy technology' started by ackzor20, Feb 15, 2012.

Thread Status:
Not open for further replies.
  1. ackzor20

    ackzor20 Registered Member

    Joined:
    Feb 15, 2012
    Posts:
    17
    I need to create a truecrypt password and I want it to be very secure but I also need to be 100% sure I don't forget it, so I was wondering how much more secure it is to do something like this:

    Instead of: 7b=r?X!2 you put this 8 character string into something very simple to remember (and easier to crack) such as:

    AbCdEfGhIjKlMnOpQrStUvWxYz0987654321ABC7b=r?X!2

    Surely this would be considerably safer than the simple 8 char string and it would still be very simple to remember?

    Oh and a couple other questions:

    How long time does it take to encrypt a 200gb harddrive with OS?

    How safe is it to have full disc encryption in terms of something going wrong and everything being lost?

    Also, does simply pulling the plug on the computer render it inaccessible or will the password be stored in the RAM? (i.e. do I have to completely shut down a computer for it to be inaccessible?)

    Thanks
     
  2. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    i+GI=JHMC;gBrwl*(b(a0*&V(rE53l3b6lgnlF*oeKb\;]ha1!Ir9lzswM-q!|)

    would be a more appropriate pass for example ;) , and will take them about 100000 years to crack with even the most beast server cluster ;)

    on the time it all depends on your hardware how fast or slow the encryption will go, though you can benchmark your selected encryption method with tc

    and fde is the safest you'll get, just don't forget that pass, and if you got sensitive data I'd do a hidden os setup ;)

    and about the password stored in ram, they'd have to be fast as f to get it from cozy warm ram, which the success rate would be 1 out of a million ;), and if you're that paranoid you might as well set a sensor that turns off your pc as soon as your apartment is breached when you're not there ....but in reality it's enough time should they catch you while on the pc if you pull the plug asap ;)

    and if you're completely nuts with paranoia you can mount magnesium plates with igniters between your hdds and as soon as breached it'll melt your hdds to nothingness
     
    Last edited: Feb 15, 2012
  3. ackzor20

    ackzor20 Registered Member

    Joined:
    Feb 15, 2012
    Posts:
    17
    Yes, but the problem is that I can't remember a 64 character 96charset password, but I can remember a simple combination followed by an 8 character 96charset string. Surely my second example is still a lot safer than just an 8 char string?
     
  4. happyyarou666

    happyyarou666 Registered Member

    Joined:
    Jan 29, 2012
    Posts:
    802
    second example...is ok, but the mentioned combo isn't so difficult to remember after having used it for a couple times, of course it'll take more than a few days, and you can use half of that for your regular outer volume ;)
     
  5. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    Hi ackzor20, as an avid Truecrypt user let me answer your questions. I currently use FDE for all my drives including my OS. My rule of thumb for passwords/passphrases is to choose a phrase you know well, then to utilize simple tricks such as what you did above to add salt to it or misspell the words. Example: "Rex is a bad password" can be turned into Rex'!sabadpassword7b=r?X!2, 7 b=r?X!2Rexisabadpassworddon’tuseit!, or any play on the words etc. You will be surprised you can remember long passphrases then.

    I utilize two internal 2 TB drives, both of which using Truecrypt took around 12 hours to fully encrypt each one. For a 200 GB drive it should only be a couple hours, I am ballparking 2-4. In terms of data loss or corruption, sure, that is a risk, however Truecrypt will force you to create and validate a rescue disk which would be used in the event your Truecrypt bootloader becomes damaged, preventing you from mounting the drive. You can find more detail on the rescue disks here (http://www.truecrypt.org/docs/?s=rescue-disk)

    As with most software encryption, Truecrypt does utilize the RAM. FDE only protects your data when a hard drive is in an unmounted/encrypted state. Mounting the drive decrypts the data and would defeat the purpose of encryption if your drives were stolen in this state. You must power down your machines and allow a couple minutes for the RAM to also clear. At which point you can be sure your data is safe. Or yes… if you want to hit the red panic button, i.e. pulling out the battery or wall socket cord and hitting the power button would perform an instant flush of RAM memory as well, though that is not advised. However, that being said, a RAM exploit would mean someone would need to have physical access to your computer in a relatively short time after it was turned off. If you feel you have a potential adversary which will have continuous physical access to your machine, FDE will not protect you and you should assume no security.
     
  6. Function

    Function Registered Member

    Joined:
    Feb 5, 2012
    Posts:
    76
    Location:
    UK
    It might be more simple to remember a string of words and change everything?

    Like

    thisismyhouse becomes Th15;sm`H0_5=

    I don't know XD but it might help to slowly build your password. Try to remember 10 characters. Then another 10. Then add them together and so forth.
     
  7. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Changing words like this to th15 doesn't really do anything. It's an attempt to break dictionary attacks but no dictionary bruteforces more than a few words without becoming absolutely too slow.

    Most of our ideas about password strength are based on assumptions that we make about the attacker's methods.

    aaaaaa

    is just as secure as abcdef

    except that attackers might check for one of those passwords in a dictionary.

    aaaaaaaa

    is just as secure as

    password

    but password will be in any dictionary.

    so then we do p455w0rd to avoid dictionary attacks.

    But if you do mypasswordisblahblahwildersblahblah or something it's not going to get dictionary or bruteforced.

    A dictionary with 200 words will have a character set of 200, so if you have two words there are 2^200 combinations.

    Basically, in short, changing up words doesn't really do anything if your password has a few of them.

    I like to take two words or even a song title, add a birthday of a friend, and then add one or two symbols (?? is fine.) This is simple to remember, doesn't involve breaking up words in weird ways that makes typing more difficult, and has a very large character set and length.

    You can also take a quote "tis better to have loved and lost than to have never loved at all." No one is going to bruteforce that, no one is going to get that with a dictionary attack. It's easy to remember.
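
Added example, not part of the original thread: a small Python estimator for the search-space sizes behind the opening question (an 8-character random string versus the same string with a memorable pad) and behind the word-versus-substitution argument in the post above. The substitution table, the 2**20 pad-candidate count and the 7776-word list size are assumptions chosen for illustration.

```python
import math

CHARSET = 96  # size of the printable set the thread calls "96charset"

# Substitution table constructed for this example (not from the thread).
LEET = {"a": "4@", "e": "3", "i": "1!", "o": "0", "s": "5$", "t": "7"}


def brute_force_bits(length, charset=CHARSET):
    """log2 of the guesses needed to try every string of this length."""
    return length * math.log2(charset)


def passphrase_bits(num_words, wordlist_size):
    """log2 of the search space when each word is drawn at random from a list."""
    return num_words * math.log2(wordlist_size)


def leet_variants(word, table=LEET):
    """Count the spellings of `word` reachable by per-letter substitution."""
    count = 1
    for ch in word.lower():
        count *= 1 + len(table.get(ch, ""))
    return count


def padded_bits(random_len, pad_candidates, charset=CHARSET):
    """Random core plus a memorable pad, when the pad is guessed from a list
    of `pad_candidates` common patterns rather than brute-forced."""
    return brute_force_bits(random_len, charset) + math.log2(pad_candidates)


def summary():
    """Search-space sizes in bits for the cases discussed in the thread."""
    return {
        "8 random chars": brute_force_bits(8),
        "47 chars, blind brute force": brute_force_bits(47),
        # 2**20 candidate pads is an assumed figure, chosen for illustration.
        "8 random + patterned pad": padded_bits(8, 2**20),
        "leet spelling of one phrase": math.log2(leet_variants("thisismyhouse")),
        "one more word (200-word list)": passphrase_bits(1, 200),
        "one more word (7776-word list)": passphrase_bits(1, 7776),
    }


if __name__ == "__main__":
    for case, bits in summary().items():
        print(f"{case:32s} {bits:6.1f} bits")
```

Under these assumptions the padded password is stronger than the bare 8-character string but far weaker than its 47-character length suggests, and a single extra word from a large list is worth more than respelling a whole phrase.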
     
  8. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    Added to my word list for cracking ;)

    I jest:D
     