From 27481e6449f887696eeef047e024990b14ae7cd3 Mon Sep 17 00:00:00 2001
From: Daniel Micay <danielmicay@gmail.com>
Date: Wed, 13 Jan 2021 04:46:58 -0500
Subject: [PATCH] add information on separate passphrases

---
 static/faq.html | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/static/faq.html b/static/faq.html
index 84d0242b..a39783e0 100644
--- a/static/faq.html
+++ b/static/faq.html
@@ -338,7 +338,11 @@
                     only for managing other profiles. Using a secondary profile for regular usage
                     allows you to make use of the device without decrypting the data in your
                     regular usage profile. It also allows putting it at rest without rebooting the
-                    device.</p>
+                    device. Even if you use the same passphrase for multiple profiles, each of
+                    those profiles still ends up with a unique key encryption key and a compromise
+                    of the OS while one of them is active won't leak the passphrase. The advantage
+                    to using separate passphrases is in case an attacker records you entering
+                    it.</p>
 
                     <p>File data is encrypted with AES-256-XTS and file names with AES-256-CTS. A
                     unique key is derived using HKDF-SHA512 for each regular file, directory and