Closed BenWestgate closed 11 months ago
This has been completed. If the passphrase is between 50-65 bits they are warned it is insecure against a TLA attack with physical access to their USB stick. If they are below 50 bits the only option is to restart and choose a stronger passphrase as this is borderline useless territory where the wallet can be cracked for the same or less than the wallet contains within the next 10 years.
Note: I did not make the passphrase spaced repetition optional. I will wait for someone to complain to do so.
Originally posted by @BenWestgate in https://github.com/BenWestgate/Bails/issues/24#issuecomment-1646642739
I can evaluate the entropy of existing Persistent Storage passphrases, I cannot check whether they actually work to unlock the storage or not.
The spaced repetition trainer should be Optional in this case since they may have already memorized a strong passphrase.
The instructions should tell them to Restart and "delete their Persistent Storage" if a weak passphrase was used (<12 char, low entropy, used for anything else, etc)