This is really good for encrypted content such as a hard drive, password vault or gpg key

  • Possibly linux@lemmy.zipOP
    link
    fedilink
    English
    arrow-up
    0
    ·
    5 months ago

    I also think encryption password security depends heavily on the hash. A hash that’s takes along time to break will be more secure and will require a shorter password to be secure

    • kevincox@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      5 months ago

      Yeah, that is what I meant by “strength of the hash”. Probably should have been more clear. Basically the amount of resources it takes to calculate the hash will have to be spent by the attacker for each guess they make. So if it takes 1s and 100MiB of RAM to decrypt your disk it will take the attacker roughly 1s and 100MiB of RAM for each guess. (Of course CPUs will get faster and RAM will get cheaper, but you can make conservative estimates for how long you need your password to be secure.)