Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Around 2011 I set up full disk encryption for the first time. The systems I did this on were some second hand computers that I had bought and installed FreeBSD on. The systems were very stable. Too stable! They were running for several weeks until one day when there was a power outage. I booted the machines and promptly realised that I was not entirely sure about what the convoluted password I had chosen for full disk encryption was exactly.
I lost quite a bit of data that day.
It taught me to stop with silly 5|_|1357:7|_|7:0|\|5 and to use long passphrases instead. This ensures high entropy without the possibility of forgetting symbols chosen, because there are no symbols to remember.
It also taught me to frequently reboot my computers, so that I remember the passphrases to decrypt the disks.
I have a tool that I wrote and which I actively use myself for generating passphrases, it’s called Pgen and it’s open source at https://github.com/ctsrc/Pgen