Does Longer Encryption Password Equal Better Encryption?

Question

Does Longer Encryption Password Equal Better Encryption?

Just hypothetically speaking, if I encrypt one hard drive with a one letter password and another hard drive with a twenty letter password, will I see a difference in how fast my data is accessed? Is the data any more securely encrypted with a one letter vs, say, a twenty letter password? Does the computer have to "work harder" to de-crypt one vs twenty letters? And I am not talking about someone guessing the password, just in the encryption algorithms. Thank you.

MacBook Pro, OS X Mavericks (10.9.5)

Posted on Dec 29, 2014 7:32 PM

Reply

Answer 1

Kurt Lang

Level 9

58,146 points

Dec 29, 2014 7:38 PM in response to Joseph Slonaker1

The length of the password has zero effect on the encryption. Shorter is easier to crack or gues. Longer is harder.

Reply

Answer 2

Jan 1, 2015 1:09 PM in response to Kurt Lang

So I take it from what you say is that the encryption algorithms do not use the selected password as part of it's method of encrypting. Therefore, the only thing the password does is grant access to the data, it does not form part of the process of encryption. Then if the password is not the key to the cipher, what is? Just trying to understand how the encryption method is selected if it's not based on the password.

Reply

Answer 3

Kurt Lang

Level 9

58,146 points

Jan 1, 2015 1:49 PM in response to Joseph Slonaker1

Therefore, the only thing the password does is grant access to the data, it does not form part of the process of encryption.

Correct. You either know the password to access the encrypted data, or you don't. It isn't part of the encryption process, other than accessing the data. Regardless of how long or short your password is, XTS-AES 128 encryption is used for the data on the drive.

Much more on it here. Note where it sets up a long, secondary recovery key for you, in case you can't remember your password. You can setup security questions and have this "safety net" key sent to Apple. In the event you truly lock yourself out of you data, you can retrieve the secondary access key online (from a different computer, of course).

Reply