![]() Nonetheless…I’m still using v7 and will continue to do so until it breaks…and then I’ll evaluate v8 once again to see if it adequately fixes the critical flaws that v8 currently has…otherwise I will just move on. ![]() I’m not knocking the Secret Key at all…it’s a good idea but they’re overselling it as the be all and end all in security enhancement that only they have. It is true that Amazon and others sell computer time pretty cheaply…but a quick look at Steve Gibson’s haystack size page shows that long pretty quickly gets you into 10s of thousands to millions of centuries and while Moore’s Law still applies and computers will always get faster…it would take many orders of magnitude of improvement in computer capability to make a difference in that very long time…and even when those orders of magnitude eventually happen I’ll be dead and gone, still won’t be worth the effort, likely those orders of magnitude won’t be easily/cheaply available for even longer after they’re invented, and one can always just choose an even longer password to change the master password to. ![]() The main reason for the Secret Key…or the fingerprint phrase or whatever in other managers…is to protect against crappy master passwords by adding essentially another long password that forces the bad guys into either moving on to another target or resorting to brute force attack…and practically none of us are worth that kind of expense. ![]() ![]() I kinda think they’re overselling the importance of the Secret Key…in the end it’s just a second password that is needed in order to break into your vault…and they pooh-pooh (for instance) the password for say DropBox if that’s where you store your v7 or earlier vault because theirs is so much better…but in the long run it’s just used to increase the entropy in your encryption and hence the cracking time…and a long password with the full 95 character alphabet provides a very long cracking time anyway so doubling or whatever that very long time doesn’t mean much. ![]()
0 Comments
Leave a Reply. |