5

I understand the risks of password reuse when we share the password with 3rd parties as perfectly discussed under this question: Is password reuse a problem if the password is very strong?

However I wonder if there are risks associated with reusing a strong password for disk encryption like FileVault, BitLocker, or dm-crypt? And reusing the password only for external disks, not anywhere else.

Except for the risk of having multiple disks exposed by a successful brute-force attack on one of them, are there any other dangers?

I see a risk if the same password was used for a system (boot) disk and an external one. In this case a keylogger running as a process under the OS could steal a password typed when an external disk is attached, thus exposing the password for the system disk. However if the same password was reused only for external disks?

techraf
  • 9,149
  • 11
  • 44
  • 62
  • 2
    Does not seem to be a duplicate of [Is password reuse a problem if the password is very strong?](https://security.stackexchange.com/questions/101385/is-password-reuse-a-problem-if-the-password-is-very-strong). As of now, all answers assume 3rd-party disclosure of you password. In this question there is no 3rd-party so those answers are irrelevant. – Neil Smithline Oct 01 '15 at 14:14
  • Password reuse is always a bad idea, it gets you used to doing something that will bite you down the road. GoToMyPC, Carbonite, LogMeIn, et.al. in the past week are showing why as one example that can be extended elsewhere. – Fiasco Labs Jun 22 '16 at 04:34

2 Answers2

2

The problem is in fact similar to the question you mentionned. You have a password which is reused on several external disks. You encrypted them because you want to avoid data loss following physical theft.

Should for a reason or another your password be recovered (a vulnerability of the crypto one of the disks for instance) then all the disks are vulnerable.

WoJ
  • 8,968
  • 3
  • 33
  • 51
  • Thank you. You've identified a valid risk when reusing the password across different encryption mechanisms. – techraf Oct 01 '15 at 23:22
  • Glad it helped.If you are satisfied with the answer please accept it by ticking the check mark (which will turn green), below the vote button. – WoJ Oct 02 '15 at 05:58
2

If the drives are at rest, having them share a strong password isn't of much risk. The real risk happens when you decrypt a drive and the password is now in the machine's memory for as long as it's powered on, so if it gets compromised (that can happen remotely), the password is in the attacker's hands and can now be reused to decrypt the other drives.

André Borie
  • 12,736
  • 3
  • 40
  • 76
  • Is it the password or an encryption key that is kept in the memory? Is the encryption key the same on two or more disks? – techraf Oct 02 '15 at 04:40
  • @tecraf it depends on the implementation, but it's better to be safe than sorry so I prefer to prepare for the worst and assume the password itself is in memory. Plus, nothing prevents the attacker from compromising the code responsible for asking the password and rebooting the machine, waiting for the user to enter the password on the (now compromised) machine. – André Borie Oct 02 '15 at 06:41
  • Well, if there was a password-stealing-malware installed, then what difference using different passwords would make (unless you never connected the disks)? – techraf Oct 02 '15 at 06:50
  • @tecraf I'm assuming the drives will be in separate machines. A compromise of one machine shouldn't compromise the security of the other drives connected to other machines. – André Borie Oct 02 '15 at 06:56
  • Well, actually in my question I explicitly asked about "external drives". What you wrote now is that I have as much security as the least secure machine to which I connect the drives. If I wanted to "protect" one if the drives by never connecting it to a less secure machine and at the same time reuse the password, I agree that would be a risk. – techraf Oct 02 '15 at 07:24