htd+ml at fritha.org
Sun Sep 27 20:55:54 CEST 2015
On 27.09.2015, Mike Nagie wrote:
> As we just have concluded that a Diceware passphrase is much more
> secure, then I'd like to ask you: should I need more than one LUKS key?
What's your thread model, actually? Whom do you want to protect your
> The original idea was, creating an encrypted partition for the /home
> then I'm going to set a very strong master passphrase (I assume that
> slot 0 is the master) after that I add another LUKS key which is the
> same password as my account's.
That would reduce your password strength to the strength of the
weakest of these two.
> Does more than one LUKS key reduce the security?
A chain is only as strong as its weakest link. This law applies
perfectly also to this particular scenario.
> Does it matter if I have a really strong passphrase and a not that strong second phrase?
Think about it. It's quite obvious.
More information about the dm-crypt