![]() There have been no extensions to these results since they were "But even from a theoretical perspective, Twofish isn't even remotelyīroken. Wikipedia lists some progress on attacks of twofish, but concludes by quotes the first author of the a decades old published partial attack: (these are benchmarks for encryption but should be similar). The time necessary to check a single passphrase of twofish and DES are both similar (see time/cycles to set up key and IV - initialization vector): I think that Password Safe now supports something like the work factor of bcrypt, but if I'm going to use the Spolsky method of sharing my file between computers with Dropbox, I want to be very sure that, if it fell into the wrong hands, nobody would be able to brute force it.Īssuming I've chosen a complex password, how secure is the encryption on these files?īy fast, they mean once you've set up a decryption key (e.g., entered your passphrase), you can decrypt a large or small file very quickly. I want it to be very difficult to brute force my password file, so I want the decryption be relatively slow. Password Safe protects passwords with the Twofish encryptionĪlgorithm, a fast, free alternative to DES.Īlthough I respect Schneier, the "fast" encryption part gives me pause. Password Safe was created by Bruce Schneier, who said the following about it: They use the same file format, so you can alternate between the two, using the same file, as Joel Spolsky recommended. Both store a list of user passwords in a file, which is encrypted using a master password. Password Safe and Password Gorilla are both programs to manage passwords.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |