Then it's not so shitty after all, is it? I'm a noob in encryption, anyone got any counter arguments?
Well, it's just bruteforcing passphrases. For every character you add to the passphrase length, you change the difficulty of bruteforcing quite a lot. Let me demonstrate
Just imagine what you could do with the 138 Thash/s SHA256 hashpower that the bitcoin network currently has LOL.
OK, lets imagine. [source:
http://calc.opensecurityresearch.com/ ]
Bruteforcing SHA256 at 138 terahash/s when key length is.. (oh, I just checked: according to blockchain.info the hashrate is today 174 terahash/s)
8: less than a second (lowercase alphanumeric) | 1 second (mixed alphanumeric)
9: less than a second | 1 minute 39 seconds
10: 27 seconds | 1 hour 43 minutes
11: 16 minutes | 4 days
12: 10 hours | 275 days
13: 15 days | 47 years
20: 3 billion years | 164 trillion years
256 lowercase alphanumeric characters (SHA256 hash):
So keep your passphrases long. I suppose to maximize key strength one could hash the passphrase before using any standard truecrypt algorithm. It's rather likely that an attacker would attempt to bruteforce against a known hashing algorithm (or a sequence of them), so that's one more hindrance.