The reason is people like lostpassword and elcomsoft can use fire-wire ports to retrieve your cached keys by doing the following: Well if you have caching password enabled on your True-crypt settings !! then you are not if someone gets access to your computer physically. What If I use a strong combination of algorithm (Serpent-Twofish-AES) and strong password am I safe ? Only if you use strong password for example then you can be sure that your data is safe and the reason for that is because hashkill can brute force any type of algorithm including combination of three algorithms ! What if you use a combination of three algorithms will it be safer option? If you ever use AES as your encryption algorithm then be aware that your container can be attacked by Truetrack and Hashcat. Therefore I thought of sharing this information that I recently found while surfing the net. First of all True-crypt encourages you to use AES as its the first on the list (default) and its the fastest when you benchmark all available algorithms. This does not mean isn’t safe I will just show how to make it stronger against various attacks. However I found out stuff that we should all be aware of to avoid our sensitive data being exposed. Truecrypt is Free + Open source disk software. Posted by Warith Al Maawali on in Blog | 3 comments