Closed PhantomArt closed 1 year ago
The password gets hashed with 100,000 iterations of PBKDF2 which slows down brute-force attacks somewhat, but for good security I'd recommend having at least around 80 bits of entropy in the password, e.g. at least 13 actually-random printable ASCII characters, more is better.
What are the recommendations in choosing a password for
Crypto::encryptWithPassword()
, which will eliminate the expediency of brute force when compromising an encrypted file? Suppose the password consists of a set of printed characters of ASCII. What will be the safe minimum length?