You are not logged in.
Pages: 1
Hi everyone,
I've successfully set up my laptop to unlock the Luks root volume with the new --tpm2-with-pin feature of systemd-cryptenroll (systemd v251).
Previously, I used a USB key with a keyfile on it, and a passphrase as a backup after a timeout if the flash drive was not discovered.
Any idea on where I can find guidance on how long a PIN should be for this to be reasonably secure ? For example compared to a random keyfile on a USB key, or a reasonably long Luks password.
Thanks !
Offline
Pages: 1