So I lost my OpenBSD FDE password (2016)

This is one the main problems with our approach to information security: we disproportionately prioritize protection of our data against theft&#x2F;law enforcement&#x2F;rogue bigtech employee over losing it in any other way. That&#x27;s why many have lost their thousands of bitcoins, because they secured their keys so hard against theft that their data has eventually become unrecoverable despite that there&#x27;d be no thief, officer, rogue employee perhaps for a decade.<p>People who advise not using cloud for backups, suggesting cold wallets and whatnot as blanket advice have been harmful by giving way to the orders of magnitude more likely but the catastrophic scenario that is simple data loss.<p>Some people bash on Microsoft for backing up your drive encryption keys in the cloud for example, but it&#x27;s the most common failure mode they&#x27;re trying to address. No thief would access your cloud, no state-level actor would be deterred by lack of cloud (see: xkcd wrench), no rogue employee could make use of your hard drive encryption keys.<p>Get your priorities based on your threat model, and get your threat model right, people.

This is something that is difficult when trying to encourage less technical users to be secure. Once you convince them to do things right, they&#x27;ve heard of circumstances like this and are petrified of accidentally losing something.<p>In a commercial environment there are ways and means¹ but getting a non-technical user to securely and safely manage access credentials is can be a time consuming education process. Especially after the first time someone comes to you to hack their stuff because they&#x27;ve lost their keys &amp; they never did do that backup thing you good then about³ and you tell them it simply isn&#x27;t possible.<p>Even those of us with experience in the field sometimes make mistakes that we can&#x27;t revert, so people without that experience can be forgiven to an extent for trading security for what they think is safety (but is really just convenience).<p>Solutions, that don&#x27;t involve someone being an unpaid 24&#x2F;7 infrastructure support tech, on a postcard please!<p>----<p>[1] if procedures are properly followed² code is in source control and documents are in equivalent storage, the most you should be able to lose is today&#x27;s work<p>[2] yeah, I know…<p>[3] or that uses the same, now lost, credentials

I’ve just been using the same password for my FDE forever, and only for that purpose. I figure it keeps my data safe from theft, but probably not from the feds or my wife if she wanted in there, because they could either compel me to unlock it or have access to put some keyboard sniffer in my boot loader.<p>The password is quite a few random characters that I memorized when I first used FDE decades ago and I’ve never had reason to change it.<p>I rotate my other passwords often and never use this one anywhere other than a boot loader; I don’t even type it into a running operating system to save it.<p>I’ll never forget it, but if I had to change it then I think I would go with the “battery horse stapler” method of pass phrase.

With encryption, you always have to balance the risk of having others access to your data to that of you also potentially losing access to your data forever. In other words, is it more important that no one, not even myself, can gain access, or is it more important that I can always have access, even if that means everyone else could? I suspect for much of the data people have, they&#x27;ll categorise it as the latter instead of the former.<p>If you&#x27;re looking for something in between, then deliberately weaker encryption might be what you want, although almost no one seems to mention that much.

It&#x27;s good to have a vulnerability some times.<p>A couple years ago someone lent me an Android phone to do some development on (it had some hardware feature I didn&#x27;t already have on my testing phones). I don&#x27;t use my main google account on dev phones so I promptly set it up with whatever google generated for me and I forgot both the email and the password.<p>6 months later I have to give it back, and I hit reset to defaults. Surprise! The phone asks me for the previous account and password!<p>Back then the feature was new, which is why I didn&#x27;t know about it. Fortunately, being new it was also buggy.<p>I managed to complete the factory reset through a complicated process that involved going through accessibility options, replacing some system apk with an older version (via adb i think) and some other trickery that I forget. But the stuff was mostly in the open on youtube.<p>This being strictly a dev phone, I had no data to lose. It only had on it apps I was working on and thus I had the full source code in git. Still, it was good to not create more ewaste.<p>I&#x27;ve been paying attention on newer test phones though. I don&#x27;t think that security feature is as easy to bypass these days...

96 comment thread from back then (2016)<p><a href="https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=12431248" rel="nofollow">https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=12431248</a>

This is a big reason why I don&#x27;t use full-disk encryption; I simply have no threat model that would warrant the risk of using it.<p>FDE doesn&#x27;t protect against remote attacks, and anyone who would physically make off with my devices (a VERY unlikely event) is either:<p>* A thief who will turn around and sell them to someone who will erase them.<p>* A state actor who will get the data no matter what I do (and find it of no interest anyway).

I&#x27;ve been meaning to do this with my LUKS headers and zpool headers since reading about fast bcrypts via GPU a few weeks ago; I suspect that my FDE passwords are not powerful enough, but I&#x27;d like to put them to the test.

BitLocker does this much better. With TPM+PIN mode, the TPM will only decrypt the volume master key if all the right hashes are in the platform configuration registers for the BIOS, option ROMs, MBR, filesystem headers and bootloader, and the user-specified PIN is correct. Or if you enter the 128-bit recovery key.<p>The BSDs and Linux have a lot of catching up to do.

correct horse battery staple something something

(2016)