Is LUKS secure with a low-entropy (bad) passphrase?
Note: You should only use the 94 printable characters from 7 bit ASCII code to prevent your passphrase from failing when the character encoding changes, e.g. because of a system upgrade, see also the note at the very start of this FAQ under “WARNINGS”. This needs a bit of theory. The quality of your passphrase is directly related to its entropy (information theoretic, not thermodynamic). The entropy says how many bits of “uncertainty” or “randomness” are in you passphrase. In other words, that is how difficult guessing the passphrase is. Example: A random English sentence has about 1 bit of entropy per character. A random lowercase (or uppercase) character has about 4.7 bit of entropy. Now, if n is the number of bits of entropy in your passphrase and t is the time it takes to process a passphrase in order to open the LUKS container, then an attacker has to spend at maximum attack_time_max = 2^n * t time for a successful attack and on average half that. There is no way getting around th
