by jackjeff 3289 days ago
Full disk encryption only really offers security for the following 2 scenarios:

- My computer/phone was lost and it was powered off. If my password is good and secure, then I can be assured the data contained on the disk will not fall into the wrong hands.

- I need to securely wipe data off the disk, because I'm selling the computer or something. Just deleting the master encryption key contained on the disk is probably enough to render the whole thing unreadable. I don't need to spend days using special software to overwrite all sectors multiple times.

Once the system is booted, the decryption key for the disk will be made available to the OS, and all files will be made available to root processes. At this stage, having an encrypted disk offers no more protection than having a non-encrypted one.

1 comment

> I need to securely wipe data off the disk, because I'm selling the computer or something. Just deleting the master encryption key contained on the disk is probably enough to render the whole thing unreadable. I don't need to spend days using special software to overwrite all sectors multiple times.

From what I have read, on any reasonably recent drive (made in the last two decades or so) a one-time random pass is plenty fine.

That might be, but the main point here was that it's way faster. Do you want to destroy a few MBs per drive or a few TBs?
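The two points argued in this thread (a powered-off drive exposes only ciphertext, a booted system hands plaintext to any root process, and selling the machine needs only the header's wrapped key destroyed rather than every sector overwritten) come down to where the master key lives. Below is a constructed Python model of that key hierarchy, added here as an illustration; it is not code from the thread or from LUKS, BitLocker or any other product. Real FDE uses AES (XTS or CBC) and a hardened header format; this toy substitutes an HMAC-SHA256 counter-mode keystream so it runs on the standard library alone, and the class and function names (`EncryptedDisk`, `crypto_erase`, `demo`) are invented for the example.

```python
"""Toy model of an FDE key hierarchy, at-rest protection and crypto-erase.

Constructed example; not code from the thread or from any real product.
Real systems use AES-XTS/AES-CBC and a hardened header format. Here a
keystream of HMAC-SHA256 in counter mode stands in for the block cipher
so the example needs only the standard library. The key hierarchy and
what crypto-erase actually destroys are the point, not the cipher.
"""
import hashlib
import hmac
import os

SECTOR = 512  # bytes per simulated sector
PBKDF2_ITERATIONS = 20_000  # kept low so the demo runs quickly; real headers use far more


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with HMAC-SHA256(key, nonce || counter) blocks (toy stream cipher)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hmac.new(key, nonce + counter, hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], pad))
    return bytes(out)


def derive_kek(password: str, salt: bytes) -> bytes:
    """Password -> key-encryption key with PBKDF2-HMAC-SHA256 (stdlib)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)


class EncryptedDisk:
    """Header (wrapped master key) plus sectors, each sector tweaked by its number."""

    def __init__(self, password: str, n_sectors: int):
        master = os.urandom(32)  # generated once; stored on disk only in wrapped form
        salt, nonce = os.urandom(16), os.urandom(16)
        self.header = {
            "salt": salt,
            "nonce": nonce,
            "wrapped_key": keystream_xor(derive_kek(password, salt), nonce, master),
            # lets unlock() tell a wrong password or a wiped header from a good one
            "check": hmac.new(master, b"check", hashlib.sha256).digest(),
        }
        self.sectors = [b"\x00" * SECTOR] * n_sectors
        self._master_in_ram = None  # None means "powered off"

    def unlock(self, password: str) -> bool:
        """Boot: unwrap the master key with the password. False on mismatch."""
        kek = derive_kek(password, self.header["salt"])
        candidate = keystream_xor(kek, self.header["nonce"], self.header["wrapped_key"])
        expected = hmac.new(candidate, b"check", hashlib.sha256).digest()
        if not hmac.compare_digest(expected, self.header["check"]):
            return False
        self._master_in_ram = candidate
        return True

    def lock(self) -> None:
        """Power off: the master key leaves RAM; only the header can bring it back."""
        self._master_in_ram = None

    @staticmethod
    def _tweak(n: int) -> bytes:
        return n.to_bytes(16, "big")  # per-sector nonce, in the spirit of an XTS tweak

    def write(self, n: int, data: bytes) -> None:
        if self._master_in_ram is None:
            raise PermissionError("disk is locked")
        if len(data) != SECTOR:
            raise ValueError("write whole sectors")
        self.sectors[n] = keystream_xor(self._master_in_ram, self._tweak(n), data)

    def read(self, n: int) -> bytes:
        """Any root process on the running system can do this; FDE adds no barrier here."""
        if self._master_in_ram is None:
            raise PermissionError("disk is locked")
        return keystream_xor(self._master_in_ram, self._tweak(n), self.sectors[n])

    def raw_sector(self, n: int) -> bytes:
        """What someone holding the powered-off drive sees: ciphertext only."""
        return self.sectors[n]

    def crypto_erase(self) -> int:
        """Selling the machine: overwrite only the header. Returns bytes overwritten."""
        self.lock()
        overwritten = sum(len(v) for v in self.header.values())
        self.header = {k: b"\x00" * len(v) for k, v in self.header.items()}
        return overwritten


def demo(password: str = "correct horse battery staple", n_sectors: int = 2048) -> dict:
    """Walk the situations from the thread and report what each party can see."""
    disk = EncryptedDisk(password, n_sectors)
    secret = b"Q3 payroll: CEO 1.2M".ljust(SECTOR, b"\x00")  # constructed sample data
    disk.unlock(password)
    disk.write(7, secret)
    result = {
        "read_while_running": disk.read(7),  # booted: plaintext for root
        "disk_bytes": n_sectors * SECTOR,
    }
    disk.lock()  # lost while powered off
    result["at_rest_leaks_secret"] = b"payroll" in disk.raw_sector(7)
    result["wrong_password_unlocks"] = disk.unlock("hunter2")
    result["erased_bytes"] = disk.crypto_erase()  # header only, not every sector
    result["unlocks_after_erase"] = disk.unlock(password)
    return result


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value[:20] if isinstance(value, bytes) else value)
```

Running `demo()` shows the asymmetry the last reply is pointing at: the header that has to be destroyed is 96 bytes here (a few MB in a real LUKS header), while the sectors it protects are `n_sectors * 512` bytes and never need to be touched. It also shows why the first comment says FDE stops protecting once booted: `read()` succeeds for anyone who can call it while `_master_in_ram` is populated, and the ciphertext in `raw_sector()` is all that is left once the key is gone from RAM.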