Like others on this site, I am considering using encfs + sshfs for secure offsite backups. I am wondering how robust encfs is to brute force attacks? Do some users use the --stdinpass command with a file to make it harder to crack?
Thanks
Asked
Active
Viewed 3,405 times
1 Answers
1
Depending on the reliability of your password (how secure it is), it should be effectively unbreakable. It uses high grade encryption from everything I could find.
Note that storing the password on the system you are running encfs on will make it useless. That is, if you store the password in a file on the system itself, it won't take long for an attacker to find it and use it.
If you must store it somewhere, try a USB flash drive, or type it.
Michael Graff
- 6,588
- 1
- 23
- 36
-
1Hi Michael - Thank you for your response. There is no intent on my part to store the password unencrypted on the same machine as the encrypted data. The context of my question is a remote mount. Also, my question is really driving a the definition of "hard." Is an 8 character encfs pass phrase "hard" to crack under any circumstance? I suspect most of us naively assume encfs is intended with use with this sort of pass phrase. I am wondering whether more expert users chose 4096 byte (or longer) pass phrases. – Setjmp Jan 16 '10 at 18:13
-
Ultimately, some form of encryption will be used. If it is 128-bit, or 256-bit, then the most you need is 128 or 256 bits of password. If it is ASCII text, then I'd make it a bit longer than expected. If it is a strong password (uppercase, lowercase, numeric, and symbolic) then it is likely to be good enough, depending on who you are defending against. If it's the government, or a huge organization, then longer will always be better. If it's to keep your porn secret from your SO, then chances are 8 characters are enough, unless your SO has a pile of computers handy. – Michael Graff Jan 16 '10 at 18:37