Why doesn't encryption software like TrueCrypt have settings to try and hash the password millions of times for extra...

Why doesn't encryption software like TrueCrypt have settings to try and hash the password millions of times for extra strength, so it takes like a minute to successfully decrypt the container even if you have the right password?

Other urls found in this thread:

veracrypt.codeplex.com/wikipage?title=personal iterations multiplier (pim)
twitter.com/AnonBabble

A full minute per password entered is a really long time.

I'll tell you the answer if you tell me why bulma is topless

Why doesn't it take a minute opening the loch on your front door?

Because paedophilia is against the law.

What does that have to do with bulma being topless? She gets married, so obviously over 18

Because nobody brute forces passwords anyways. They either use a keylogger or similar to steal the password, or abuse a flaw in the encryption implementation to render the password itself moot.

kys weeb lmao

>She
It?

>loch
kek. digital locks are not physical locks, nor are they a method of traversing grades in a canal system.

brute forcing doesn't try to recreate your password it tries to recreate the private key.

But they do..

veracrypt.codeplex.com/wikipage?title=personal iterations multiplier (pim)

shes not topless you dumb fuck
if you actually watched dragon ball you would recognize the bunny suit

Oh, it is SO fucking important! Thank you for the enlightenment!

Bullshit.

Oh

Thank you my user. Also is it actually a good security measure? If they go straight for the private key then I guess it won't help at all, but going for that seems much harder than going for the password, assuming the private key is sufficiently long which it probably is (why wouldn't it be)

sorry, didnt mean to speak to you that way lad, please forgive

The actual private key would be much longer yes. If you’re going to be decrypting sensitive stuff, the value you need depends on how many times day to day you’ll be decrypting. If you’re only decrypting once per day, a 5 minute wait really isn’t that bad to be honest. That would probably have a PIM around in the 2000s, depending on the PC. It’s pretty effective at decreasing the odds of a successful brute force attack, combined with a strong pass

KeePass has this feature. I've got my KeePass database set to take 10 seconds to test my password.

I have KeePassX, but don't see that as an option.

veracrypt does this
and it's a configurable setting

but really, see no one is going to bruteforce it, not when there are much softer attack avenues

In KeePass you open the database, then file->database settings, then go to the security tab and change the transformation rounds number.

She does actually appear topless in Dragon Ball. It happens in episode 71 and it lasts just a single frame.

I've done that, but changing the number of transformation rounds doesn't seem to do shit for me.

Maybe I should upgrade to KeePass2, instead of using KeePassX.

Veracrypt does.

I thought keepassx was the cross platform version and there is a keepassx 2. Keepass is the windows only version.

>encryption software
>like TrueCrypt

fucking lol'd

Sorry user, look I haven't really been into this stuff for years, I started years ago and at the time TrueCrypt was considered top of the line and basically the holy grail. I see a lot of people talking about VeraCrypt now - I will probably switch to that

Is it really urgent i.e. I have to switch to VeraCrypt RIGHT NOW or everything will be easily crackable, or is it just a few minor edge cases? Note my containers are all on air gapped hardware

The Truecrypt audit found nothing severe. I'd honestly trust a fork of it much much less.

Animation girls aren't real human, therefore they have no right. - Japan Expert

Use argon2 to derive extremely long passphrases at 50,000+ iterations and use those passphrases in truecrypts KDF. Or modify the KDF to use argon2 directly.

btw use luks insted of that gayshit

Yeah, no thanks Mr. NSA.