Wątek: Drive encription with veracrypt
Wróć do listy wątków2 z 2
Poprzednia21 z 39: ArcticMoon
What a childish mess is going on in your life man.
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
14.09.2023 01:26
22 z 39: bomberman29
What if you do this password:
Methionylthreonylthreonylglutaminylarginyltyrosylglutamylserylleucylphenylalanylalanylglutaminylleucyllysylglutamylarginyllysylglutamylglycylalanylphenylalanylvalylprolylphenylalanylvalylthreonylleucyl
this is not the full word. you can check it here:
https://thewildlife.blog/2021/12/07/full-titin-protein-name-is-189819-letter-longest-english-word/
my github: https://github.com/denizsincar29
14.09.2023 15:16
23 z 39: Urh2006
@arctic moon what do you mean? anything wrong if a person has great memory and a reasonable typing speed to type the password in ina relatively fast way? If you do not have good memory, do not criticise others for it.
When you're stuck, just try harder.
14.09.2023 17:07
24 z 39: ArcticMoon
My memory is pretty good, thanks for asking. I just use it in the right way. :)
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
14.09.2023 23:22
25 z 39: Urh2006
you never ask yourself what might be kept on those drives. but yes, I can get your point. maybe next time before replying take some lorazepam. Have a great day!
When you're stuck, just try harder.
16.09.2023 00:52
26 z 39: ArcticMoon
I'm not sure what a 15-16 years old guy might keep on a disk that requires a 190 characters long password, as that kind of stuff would be illegal to own.
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
16.09.2023 12:49
27 z 39: Urh2006
your answer is 100% correct. I have decided to move all of my stuff to my external so I can encrypt that one.
When you're stuck, just try harder.
16.09.2023 12:50
28 z 39: cyrmax
Hey there!
Firstly, veracrypt itself is accessible, like 98 percent, in some situations you need to use object navigation to read some explaining texts or help messages but everything else is accessible.
The only two things that are not accessible at all are password prompt on boot and password prompt in secure desktop screen, as screenreaders have no access to this secure desktop thing, even OCR has no access, so you have to type password and just press enter. But as veracrypt declares, with this security feature no keyloggers can intercept your password.
Second, about long long passwords, memorizing them and other stuff:
1. beware that if the password is long and difficult for you it does not mean that it is difficult to break. For example this very very long word from chemical can be found in any big dictionary for bruteforcing, and so the hacker would spend just a few hours to find it.
Please think about it and treat differently two terms: password cryptographic strength and password difficulty for human brain.
One more note about veracrypt: please if you use a volume encryption try to keep it safe from ocasional disconnects. Once i have lost all my data because of just one random disconnect while the volume was mounted and decrypted.
And please, i repeat, please! Do not use veracrypt's built-in feature to encrypt and decrypt in place. would be better and safer to copy your data somewhere and then just create or delete volume, not decrypting data in place. Or at least do a backup of encryption header for the volume or even better if you have a free place do the full, byte by byte, backup of entire volume.
One random disconnect or power failure will destroy all your encrypted data without any, really any chance to restore it.
And the last thing:
remember that 20 symbols password like bnrgrigsregnknwsi5uyt98ghstnlrgnwlenturghswnryl is better than 1000 character password with words like "hellotrytohackmysuperwonderfulencryptedandprotecteddriveiwillneverletyouseewhatisinsideandyouwillneverreadthoseveryverysecretdata".
Because there is not only brute force attack, but also the dictionary attack method which will try to build your password from words in different languages.
For example, password of 10 characters including only capital and small letters and digits would have aproximately 839299365868340224
variants for bruteforce.
The top computer with the best processor and GPU will spend 511269 days in the worst situation, it is something about 1400 years of continous hacking at max speed.
And your very long password of words... Treat every word as a single symbol, remember that some of those words could be optained with social engineering by analizing your unencrypted data and social activity in the internet, then think about linguistics, so we can build a probability graph where every word knows with which probability it will be used after another word.
I cannot calculate now because i have not much data for an exact example, but it would be much easier to hack your very long and smart password than just a random string of 10 characters.
U3RhbmQgd2l0aCBSdXNzaWEhIEhhaWwgUnVzc2lhISBMb3ZlIHRoZSBtaWdodGllc3QgY291bnRyeSBhY3Jvc3MgdGhlIHBsYW5ldCE=
16.09.2023 13:25
29 z 39: ArcticMoon
Exactly, and it's even more likely since he has an explanation next to all the words he uses. But these people, sadly, care only about how long a password is, to brag about it to their friends, and the other day they are shocked to see that someone hacked them. I've also had a groupmate like that, he had superlong passwords for everything he used, and he explained all of his actions with statements like I'm a programmer, I must protect my data, etc.
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
16.09.2023 13:31
30 z 39: cyrmax
@ArcticMoon
Yes, unfortunately it works like that.
Most people heard about security but almost nobody has an idea how to achieve this security properly. So they make nonsense long passwords and brag about it aloud.
For example, see, I can make very very long password:
qwerty1234567890qwerty1234567890qwertytrewq1098765432qwerty0987654321asdfghjklzxcvbnm0987654321
Very very long but extra easy to hack.
U3RhbmQgd2l0aCBSdXNzaWEhIEhhaWwgUnVzc2lhISBMb3ZlIHRoZSBtaWdodGllc3QgY291bnRyeSBhY3Jvc3MgdGhlIHBsYW5ldCE=
16.09.2023 14:17
31 z 39: Urh2006
95% of my passwords are generated with a password manager. but I believe in the concept that for your drive you should have a password which does not follow the same principal as your other passwords.
When you're stuck, just try harder.
16.09.2023 15:47
32 z 39: ArcticMoon
Your password in the previous post is not a good example anyway. Usually when people create very long passwords, they start writing exact words because they can remember them. And here it's not about how good your memory is. I used to sing competitively when I was younger, and I took part in several competitions in which I had to tell poems. I had a lot of lyrics in my head, especially because when I sang folk songs, I also listened to other people's songs, so I learned theirs After a while, I could sing hundreds of Hungarian folk songs by heart, and these songs should be known to consist of at least 7 or 8 verses. Memorizing something without context is very difficult, and you can only memorize a 190-character password if it is not made up of random letters, but of coherent words. The password you have just written is also easy to crack because it is made up of adjacent characters, a frequently occurring, repetitive string of characters. Urh's password, on the other hand, can indeed be cracked in a few minutes using corpuses, collocations and dictionaries. I know what I'm talking about, I wrote my bachelor's thesis on collocations :)
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
16.09.2023 15:49
33 z 39: ArcticMoon
How could a randomly generated password follow a principal? That's beyond my abilities to understand. A generated password is secure in fact because it's randomly generated, thus it doesn't follow any principals.
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
16.09.2023 15:51
34 z 39: Urh2006
I'm not going to argue with you why I need to protect myself because that is beyond this thread. You do have a good point in a lot of ways, but this is not some online service that you just generate a pass for, this is a drive which keeps your sensitive documents. If we're already talking about this let me just say that the only real weekness my pass has is that if someone knew me well and knew me personally they could over time reverse ingeneer me. But the real problem lies in the fact that I am indeed too lazy to take even more messures into my own hands. It always comes down to convenience or privacy.
When you're stuck, just try harder.
16.09.2023 15:53
35 z 39: ArcticMoon
This is exactly what I am talking about. It's a hard drive that should have even stronger protection, and that's exactly what Kirill was trying to explain to you. If a generator makes you a 20-character password, it will be much more secure to use it on a website than to make up a password of nearly 200 characters and type it in every time you log in. So, in the end, you can conclude that random websites currently make you feel safer than your own computer. What you need is not a more secure password, but a course or two in collocations, which I would be willing to give you if you were not so stubborn and incomprehensible. Read Cyrmax's post a few times yet and you are going to understand what we are talking about.
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
16.09.2023 18:14
36 z 39: Urh2006
I'm secure enough. This topic was about veracrypt in the first place not about how passwords should be made. i have gotten my answers. I encrypt my sensitive folders with PGP anyways just to be on the safe side.
When you're stuck, just try harder.
17.09.2023 12:44
37 z 39: Urh2006
Besides, I do not need your lectures about passwords, thanks for the tip though. I'm probably not going to use it however. I can't have a generated password for my drive, for everything else yes, but not for a drive.
When you're stuck, just try harder.
17.09.2023 12:53
38 z 39: ArcticMoon
Why not? Is it difficult to remember a randomly generated 190 characters long password? :)
-- (Urh2006):
Besides, I do not need your lectures about passwords, thanks for the tip though. I'm probably not going to use it however. I can't have a generated password for my drive, for everything else yes, but not for a drive.
--
U3RhbmQgd2l0aCB0aGUgZ3JlYXQgUnVzc2lhIGFuZCBIdW5nYXJ5IQ==
17.09.2023 15:07
39 z 39: Urh2006
exactly that. so that is why it is not generated and it is mein. what is so hard to understand about this?
When you're stuck, just try harder.
17.09.2023 15:08