Questions tagged [passphrase]
A passphrase is a longer password that typically consists of multiple words.
132
questions
1
vote
1
answer
145
views
Hide password from server
I’m a beginner in cryptography and for my first project I use the client’s password to encrypt some data. More specifically, I use the password as passphrase in RSA private key generation). However, I ...
0
votes
0
answers
20
views
Relation between plain text and encrypted in URL [duplicate]
There are several plain text and encrypted text like:
Plain text
Encrypted text
10101004535
7Za9kHM9OH6tKTrtxy86gw==
10860586924
/nwjXW3MYkcATRS5Xyjx/A==
10480090635
/F0D9ePZffTIiH/P8mK+kw==
...
1
vote
0
answers
107
views
Windows decrypting TC volume without passphrase?
I remember having read a blog post or a forum post, some years ago, about a TrueCrypt user whose Windows machine sometimes, at boot, did not ask for the TC passphrase and decrypted automatically the ...
0
votes
3
answers
209
views
How to analyze the security of a custom passphrase?
Let's assume person A chooses 15 words for a passphrase with an average length of 5. The passphrase meets following conditions.
Word conditions:
The first word is not a valid word and can't be found ...
1
vote
1
answer
160
views
ssh server encrypted key vs password login [duplicate]
In an openssh-server login to a GNU/Linux machine
to use a private ssh key encrypted with an N-characters passphrase, then sshd_config:
PasswordAuthentication no
PubkeyAuthentication yes
is it ...
2
votes
1
answer
291
views
Static RAM: Detecting presence and wiping?
As I understand from reading another question here, SRAM may be more dangerous than traditional volatile RAM in terms of storing passwords and other sensitive information.
I know that when a computer ...
0
votes
0
answers
319
views
GPG passphrase in the cache as a hash?
I understand that nowadays passwords are not stored in plaintext, only as password + salt and hashed (minimum). But I haven't found any exact confirmation that gpg does NOT store (cache, place in RAM) ...
29
votes
6
answers
7k
views
Is it insecure to display the number of characters when users enter a new passphrase?
When users are entering a new passphrase somewhere, it's helpful to provide feedback on the number of characters received by the system.
In a user experience (UX) test I just ran, my user created a ...
-2
votes
2
answers
2k
views
Why should we only keep the private key secret, why not the public key? [duplicate]
If I am not wrong, both private key and public key are the same since communication is possible only if both keys are matching. So, why we should only keep the private key secret, why not public key? ...
0
votes
1
answer
156
views
Does knowing part of a passphrase for sure really mean that you can "disregard" that entire part when trying to crack it?
Alice bought 1 Bitcoin and encrypted her wallet.dat in Bitcoin Core.
Samantha, Alice's friend, notices the Bitcoin price skyrocketing and, while Alice is in the bathroom, steals Alice's wallet.dat as ...
2
votes
1
answer
168
views
How can the passphrase matter besides the very most obvious patterns? [duplicate]
Let's say that my passphrase is:
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaapassword9
Yes, it looks ridiculous. But only because we already know it. An attacker, trying to brute-force their way into this ...
3
votes
2
answers
451
views
How secure is the getapassphrase.com approach to password generation?
getapassphrase.com is a website that generates passphrases. The user sets a complexity in bits, and the site spits out results like:
liberal panda and ill asp decline young suit in Kansas
or
rowdy ...
12
votes
3
answers
3k
views
Diceware as a passphrase for online accounts
I'm reading about Diceware and cryptography in general and I know how secure Diceware can be. I stumble upon this part on The Intercept about Diceware and it says:
"You don’t so much need them ...
8
votes
2
answers
359
views
Randomly selected words converted into sentence. Did I lose passphrase strength or gain it?
I got 5 dice and opened EFF's wordlist, and generated a random five-word passphrase (all letters small with spaces, no punctuation) for my PC.
The words were making up a meaningful scene in my mind, ...
0
votes
2
answers
642
views
openssl, recover passphrase with encrypted and not encrypted file
Some of my colleague give me 2 file of private key (one is encrypted and the other is decrypted) and a passphrase. But it seems that is the wrong passphrase.
Is it even possible to recover the pass ...