From eb35b4ba62f990b179c8cab9c76c49eb45130e90 Mon Sep 17 00:00:00 2001 From: Daniel Micay Date: Thu, 1 Apr 2021 13:47:44 -0400 Subject: [PATCH] clarify recommendation --- static/faq.html | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/static/faq.html b/static/faq.html index 2f669979..6d1c3fa4 100644 --- a/static/faq.html +++ b/static/faq.html @@ -396,15 +396,13 @@ owner profile without rebooting due to it encrypting the sensitive system-wide operating system data.

-

Our recommendation for a high security setup is to use the owner profile - only for managing other profiles. Using a secondary profile for regular usage - allows you to make use of the device without decrypting the data in your - regular usage profile. It also allows putting it at rest without rebooting the - device. Even if you use the same passphrase for multiple profiles, each of - those profiles still ends up with a unique key encryption key and a compromise - of the OS while one of them is active won't leak the passphrase. The advantage - to using separate passphrases is in case an attacker records you entering - it.

+

Using a secondary profile for regular usage allows you to make use of the + device without decrypting the data in your regular usage profile. It also + allows putting it at rest without rebooting the device. Even if you use the + same passphrase for multiple profiles, each of those profiles still ends up + with a unique key encryption key and a compromise of the OS while one of them + is active won't leak the passphrase. The advantage to using separate + passphrases is in case an attacker records you entering it.

File data is encrypted with AES-256-XTS and file names with AES-256-CTS. A unique key is derived using HKDF-SHA512 for each regular file, directory and