search

agherzan / yubikey-full-disk-encryption

Use YubiKey to unlock a LUKS partition
Apache License 2.0
795 stars 50 forks source link

Hash password with sha256 #11

Closed Vincent43 closed 6 years ago

Vincent43 commented 6 years ago

Using password as challenge can have some drawbacks.

  1. Password can be very weak like "aaa"
  2. Password can be longer than 64 characters which is max for yubikey challenge which result in breakage.

As solution we can hash the password with sha256 which give us 64 characters (maximum) length challenge for any user provided password.

In result we have 104 (64+40) characters long LUKS passphrase