Topic: File Security Question (Read 313 times)
Good tips - thanks, LaudaM.
The story with TrueCrypt is a bit of a mystery. It was allegedely safe and even recommended by Snowden until a certain point in time.
Read this and this.
AFAIK GPG encryption is very strong and it's usually the password that is the weakest link. Someone recommend using this:
So it really depends on your password. It's not really about the length but the quality; Something like this: mypasswordis123andisveryweak (28 characters); is always going to be weaker than: i=4Ma(r*2sAm!@Hf2z4 (19).
You should also read this .
Read this and this.
AFAIK GPG encryption is very strong and it's usually the password that is the weakest link. Someone recommend using this:
Code:
gpg -c --force-mdc --s2k-mode 3 --s2k-count 65011712 personal.zip
SourceSo it really depends on your password. It's not really about the length but the quality; Something like this: mypasswordis123andisveryweak (28 characters); is always going to be weaker than: i=4Ma(r*2sAm!@Hf2z4 (19).
You should also read this .
Let's say I have several wallet.dat files in a 2MB TrueCrypt vault. I'm somewhat sketchy on TrueCrypt's security, so if I encrypted the TrueCrypt file itself with:
...does that pretty much guarantee that my wallets can't be cracked?
My intentions are to upload the the gpg-encrypted TrueCrypt vault to several different servers over sftp. There is some risk of someone getting the encrypted file, one of which is because the servers are VPSs.
Please, let's not get into whether or not TrueCrypt is safe. All I know is that questions were raised but nobody has definitively proven it to be unsafe. I just want to know how hard it would be for someone to crack my wallet files given these 3 levels of encryption.
Code:
gpg -c --cipher-algo AES256 trueCryptFile.file
...does that pretty much guarantee that my wallets can't be cracked?
- The wallet.dat files have a 20+ character password.
- The TrueCrypt vault has a different 20+ character password.
- The gpg passphrase has a different 20+ character password.
My intentions are to upload the the gpg-encrypted TrueCrypt vault to several different servers over sftp. There is some risk of someone getting the encrypted file, one of which is because the servers are VPSs.
Please, let's not get into whether or not TrueCrypt is safe. All I know is that questions were raised but nobody has definitively proven it to be unsafe. I just want to know how hard it would be for someone to crack my wallet files given these 3 levels of encryption.
Jump to: