Darkarc

-

Would it be possible to add a wrapper on to the encryption key similar to how bitlocker does it so we can change the "password" without needing to re-encrypt the whole thing or depend on another program like bitlocker to go? The main benefit of this is if the drive gets big enough such as a terabyte or even a pentabyte the user could easily change their password without needing to re-encrypt or transferring everything. Along with that if the users password is somehow exposed their symmetrical encryption key itself may still be safe as long as they change their password in time, basically providing another additional layer of security. This could be an option in the program like "use asymmetrical key" when creating the drive. Doing some quick research it looks like to accomplish this you would store the symmetrical key that we use to encrypt and decrypt our drives on the cloud itself, or some other methods like how it's currently stored on windows key management, and encrypt that key somehow with an asymmetrical key that could easily be changed based on their password.