
Take the combination of an encrypted disk with a secure enclave chip that never exposes an internal Key Encryption Key and throttles or prevents too many password guesses.

Seems to me that this should be capable of defeating brute force attacks against relatively short passwords, even if the attacker gains physical access to the hardware and storage.

Is this reasoning sound? Does it apply to Macs with Filevault, or Filevault plus the T2 security chip? If so, does that mean we don't need such long login passwords?

Purplie
  • Hmm, ok so you want to protect your login with a *guessable* password and rely on the protection provided by Filevault. But what happens if the attacker manages to guess your password and logs into the machine with **your** account? How could Filevault protect the files from being accessed by **you**? – Serge Ballesta Jan 17 '22 at 16:32
    I simply mean that if I use a shorter random password, e.g. 6 alphanumeric characters, and if the chip limits guesses to 1 per second, I would not expect brute force to work. (36^6 seconds = 69 years). – Purplie Jan 17 '22 at 16:49

1 Answer


While I can't address the questions about Apple's security hardware in particular, a few considerations:

  • Simple passwords are easier to shoulder-surf.
  • While your login password and FileVault password don't need to be the same, they are by default, and having a weak login password has its own problems:
    • On a shared machine, somebody else can log in as you.
    • If you have any password-based remote access (SSH, screen sharing, etc.) enabled, an attacker can easily remotely access your machine while it's on.
CBHacking