On Tue, May 18, 2010 at 08:57:58PM +0200, Stefan G. Weichinger wrote: > Am 18.05.2010 19:57, schrieb Jan Engelhardt: > Ok, I see. So my current setup with one disk only and SSL-generated > keyfile does not add security but flexibility (being able to switch > passwords more quickly).
Keep the keyfile in a usb-stick if you can. Decrypting the hard disk will require both the usb-stick and the password, i.e. two factor authentication. -- Eray