Is it realistic to think that a determined opponent would not be able to break the vault with enough resources doing a brute force attack on the master password should an encrypted vault be stolen?
With a master password of sufficient entropy (is 24 bytes enough?), do you do anything extra to make this an even larger problem for a determined attack should they get a copy of the vault.
Having spent days changing every account/password and 2FA because the encrypted vaults were stolen, I am looking to mitigate from doing this every again which is where this question is originating from.
JimDunphy3 karma
Is it realistic to think that a determined opponent would not be able to break the vault with enough resources doing a brute force attack on the master password should an encrypted vault be stolen?
With a master password of sufficient entropy (is 24 bytes enough?), do you do anything extra to make this an even larger problem for a determined attack should they get a copy of the vault.
Having spent days changing every account/password and 2FA because the encrypted vaults were stolen, I am looking to mitigate from doing this every again which is where this question is originating from.
View HistoryShare Link