This project has moved. For the latest updates, please go here.

Problem changing Password/PIM

Topics: Technical Issues
Mar 16, 2016 at 9:45 AM
I posted this in 'ISSUES' yesterday but maybe it was the wrong place .....

I am trying to change my password (VC 1.16) but this time I thought I would use a PIM as well. (I already use key files). This is a hidden volume. The passphrase is 57 digits long and the PIM is a 5 digit numeral. I am using Whirlpool and wipe mode is 35-pass.

I started the process 16 hours ago. The process banner is telling me to wait as the process will take a long time. (The progress bar is functioning with a blue square continuously running across it).

I am very worried that it is taking over-long. I dare not switch off or hibernate my computer for fear of losing important encrypted files.

I do have a back-up, however, I am not able to access it while the change password process is running, and which password will the back-up want anyway?

Can anyone give me advice please?

Regards
Mar 19, 2016 at 12:07 PM
CavalierD73 wrote:
and the PIM is a 5 digit numeral. I am using Whirlpool and wipe mode is 35-pass.
I think this is your problem: a 5 digit PIM.
Mar 19, 2016 at 4:38 PM
AlbertJohn,
Thanks for reply, but how do I stop the system halfway through the pass change?
Mar 19, 2016 at 6:31 PM
CavalierD73, an offtopic thought.... but if u r using 57 digit password, keyfile, custom PIM and 35 wipes.... with that attitude and still experimenting (changing passwords), you will soon or later lose encrypted data.... one way or another...
Mar 19, 2016 at 7:53 PM
Alex,
Probably very prophetic! Experimenting? Maybe, but Vera should be up to it; I'm not exceeding limits (except perhaps with the PIM, though she didn't complain at the time!)

Rgds
Mar 20, 2016 at 3:25 AM
Edited Mar 20, 2016 at 3:30 AM
There are no guarantees that the developer will continue providing software updates to VeraCrypt. Therefore VeraCrypt does not specify an upper limit on the PIM to future proof the product.

EDIT: Even if the developer were to include a warning if the PIM value exceeded N value, that would be true for today's computer power and cracking techniques. As an example, TrueCrypt has 1000 iterations for system encryption and 2000 iterations for non-system encryption which have been identified by the security audits as being too weak for current computing power.
Mar 20, 2016 at 5:07 PM
Thanks Enigma,

I have created a new Inner and Outer whilst I sort this one out. During the creation of the [new] Inner, Vera did tell me that to exceed a PIM of 452 was greater than the default value and would take a long time to boot. Did I want to continue? I said yes to a number (3 digits this time) higher than that and the result was still a very quick boot.

I am now pretty sure that my 5 digit PIM was the culprit.
Thanks everyone for you input.

Regards
Mar 20, 2016 at 6:37 PM
Hello,

You can reference the documentation to determine the iteration impact for custom PIM values at the link below.

https://veracrypt.codeplex.com/wikipage?title=Personal%20Iterations%20Multiplier%20%28PIM%29

I have a feature request to add benchmarking the hash and PIM values at the ticket below.

https://veracrypt.codeplex.com/workitem/182

Kind Regards.
Mar 20, 2016 at 7:07 PM
The ideal and the only feasible solution, bearing in mind that VC may not be supported in future (as Enigma said), as computing power will increase and probably the need for higher PIM may be reasonable is that VC checks that the PIM is calculated within certain reasonable amount of time (say 5 minutes?) and if not, the process is terminated and the user advised accordingly...
Mar 20, 2016 at 11:16 PM
Enigma, Alex,

Thanks for your info. I think Enigma's benchmarking solution is a good step forward. (It covers what Alex has said in his post). Alex your earlier post about losing encrypted data has come about! I'll just have to bite the bullet and start from square one. Not the end of the world, but a sodding nuisance.

Thanks to you both.

Rgds
Mar 21, 2016 at 5:53 AM
Edited Mar 21, 2016 at 5:54 AM
CavalierD73 wrote:
Alex your earlier post about losing encrypted data has come about! I'll just have to bite the bullet and start from square one. Not the end of the world, but a sodding nuisance.

Rgds
CavalierD73, as with everything in life.... the more "desire" and "attention" you dedicate to something, the more disastrous the result. Whether its your girlfriend, wife, car, house, job, encryption protection, whatever... for God's sake - dont love it because you gonna lose it :)
Mar 23, 2016 at 12:06 AM
Alex. One shouldn't gild the lilly!
R