I'm a different commenter but yeah, solutions exist. For example systemd-crypten... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		KAMSPioneer 5 days ago \| parent \| context \| favorite \| on: Microsoft will finally kill obsolete cipher that h... I'm a different commenter but yeah, solutions exist. For example systemd-cryptenroll let's you use a FIDO token (or TPM or PKCS#11 smartcard) to unlock your encrypted disk and it's very easy to set up. Quite literally a single command. Windows Hello serves the same purpose for Windows, though I'm sure there are caveats/differences.

SahAssar 4 days ago [–]

If it's a fido hardware token you still need to make sure you have a backup token. It's a lot simpler on windows/macos where you can use biometrics for the same purpose.

slashdave 4 days ago | [–]

You can setup multiple keys. It would be crazy not to include a simple ascii hash key in addition.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact