[cryptography] Fwd: Re: Commercialized Attack Hardware on SmartPhones
tom at ritter.vg
Sun Mar 2 11:47:35 EST 2014
> ---------- Forwarded message ----------
> From: "shawn wilson"
> How about a dictionary and rules. Even if you choose an alphanumeric
"strong" pass, you're kinda limited to the phone's keyboard - you're not
going to want to switch case or between letters and special too often.
Also, IIRC Android limits length to 15 chars. I also don't think the screen
lock can be different than the boot pass (so everything I said above should
> Basically what I'm saying is use hashcat.
In regular use I agree completely. But in my threat model (what I'm
preparing for) is 'prepared use' - you're knowingly crossing a border or
attending a protest, want/need your phone, and are willing to have a
painful password for a short bit.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography