Same password on every file? Secure?

Discussion related to AES Crypt, the file encryption software for Windows, Linux, Mac, and Java.
Post Reply
User avatar
paulej
Posts: 525
Joined: Sun Aug 23, 2009 7:32 pm
Location: Research Triangle Park, NC, USA
Contact:

Re: Same password on every file? Secure?

Post by paulej » Sat Dec 19, 2015 8:24 am

The only good reason for using different passwords for each file is so that if somebody discovers one password, they can't gain access to every file. Personally, I don't worry much about that, since I use complex passwords of reasonable strength that I don't write down. But, I will use different passwords for different use cases, such as a backup file vs a file I email to somebody.

The passwords can be any length up to about 1024 characters, if I recall correctly. The password isn't the key,though. The password is hashed using SHA-256 about 8192 times to produce the 32 octet key used by AES. For backup files, I usually use passwords that are random with about 64 or more characters (using pwgen). Those get written down, though, as I can't remember them. For other files, I usually use 16 character passwords generated using Single Pass. I remember a really complex password and often use the file name as the "service name". Still others are just passwords I store only in my head of varying lengths.

You need a strong password, and I tried providing some guidance on the pwgen page. But another important consideration is " don't lose your password ". There's no recovery from a lost password, unless it's weak and can be guessed easily.

Post Reply