Question: I guess I am a bit paranoid, ha… Anyway, I encrypted my HDD with TrueCrypt using all printable ASCII characters, and the password is 64 characters long. It is quite random, certainly no dictionary words, but it is still possible to memorize easily.
Can it be brute-forced? The thing is, I know that it's supposed to be secure, but isn't there a chance that someone can just guess the password after like 10 attempts?
Surely that possibility exists. Sometimes lightning strikes as they say.
Answer: The short answer is: NO!
No security measure is safe on its own, as it may contain bugs/vulnerabilities/etc. It might withstand a single method (e.g. brute-forcing) for circumventing the protection, but there might be a combination of methods that it may not be able to handle.
TrueCrypt was (or, still is?) vulnerable to “Cold boot attacks”:
TrueCrypt stores its keys in RAM; on an ordinary personal computer the DRAM will maintain its contents for several seconds after power is cut (or longer if the temperature is lowered). Even if there is some degradation in the memory contents, various algorithms can intelligently recover the keys. This method, known as a cold boot attack (which would apply in particular to a notebook computer obtained while in power-on, suspended, or screen-locked mode), has been successfully used to attack a file system protected by TrueCrypt.
Additional reading on “TrueCrypt Security Concerns”.