Marc: "and while entering the passphrase there are no asterisks shown.
[...] For John Doe user it might be good if he sees those while typing
the passphrase. Somewhat cosmetic, but for the records."

I'd rather not see asterisks when entering my passphrase because once an
attacker knows how many characters are within the passphrase, the
passphrase becomes a lot weaker and easier to crack. Instead of brute-
forcing an unknown number of characters, one would only need to brute-
force a known number of characters, drastically reducing the number of
possibilities. For a regular password, this might not be of such
concern, but a high-security passphrase should be kept as secure as
possible. When entering the password in the console, it's not displayed,
so I think when entering it at boot-up time it shouldn't be shown,
either. Or even better, making it an option, perhaps set in
/etc/default/cryptsetup or some such place, so asterisks can be on by
default for John Doe and people concerned with higher security can turn
it off.

-- 
Upstart doesn't activate luks volumes in cryptsetup
https://launchpad.net/bugs/62751

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to