![]() I have complete confidence the AES Crypt files cannot be broken, but security also depends on keeping your encryption key secret. I have it entirely automated, where data I store on the NAS gets encrypted and uploaded to Amazon S3. I do store virtually everything online using AES Crypt. The larger topic is whether your data is secure online. Of course, you need to trust where the software is coming from, but all the source code it published there so you can review it. IMO, using any off-line tool is safer than an online tool. There, you can download several tools in a couple of languages (Perl and C) to generate random password. As a general rule, I don't trust online sites like those, because you never know who is behind them and you don't know who is in the middle.Īt the bottom of that page on Packetizer, there is a link to this page: Can you trust that they are truly random? Can you trust they're not storing your data. However, the bigger problem is using online tools. We have a page with computations like that here: It doesn't get stronger with more entropy on the password. ![]() That should still be fine, since AES has a 256-bit key. In that case, the bit entropy of your password can be computed as log2(16)*64 or 256 bits of entropy. Let's assume those were out of a character set of 16 characters (which appears to be what the site is using) and truly random. 64 random characters is probably pretty good.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |