I was recently intrigued to learn that only half of the respondents to a survey said that they used disk encryption. Android, iOS, macOS, and Windows have been increasingly using encryption by default. On the other hand, while most Linux installers I’ve encountered include the option to encrypt, it is not selected by default.
Whether it’s a test bench, beater laptop, NAS, or daily driver, I encrypt for peace of mind. Whatever I end up doing on my machines, I can be pretty confident my data won’t end up in the wrong hands if the drive is stolen or lost and can be erased by simply overwriting the LUKS header. Recovering from an unbootable state or copying files out from an encrypted boot drive only takes a couple more commands compared to an unencrypted setup.
But that’s just me and I’m curious to hear what other reasons to encrypt or not to encrypt are out there.
I don’t for a pretty simple reason. I have a wife, if something ever happened to me then she could end up a creek without a paddle. So by not having it encrypted then, anyone kinda technical can just pull data off the drive.
Give her and your personal representatives the keys or access to the keys. Problem solved.
Same problem as you passwords and password manager.
I understand that giving the keys can partially solve the access problem. But she would still possibly be unable to use the device. Additionally, I don’t know that she would be capable of using the keys without additional assistance and we don’t have other techies in our community who could step up in that capacity.
I get it. Credential storage and recovery is a big issue. People vary in skill, ability to keep track of keys or remember how to use them, and they may not have a password manager, safe deposite box, or other locked storage to store them in.
If that’s the only reason, it’s not a great one. You could solve it by storing the password with your important documents.
It is the largest reason. Storing the password is one thing but to make the device reasonable to use I would likely store the key’s in TPM with a backup key. I don’t think she would be technical enough to use the backup keys were something additional to happen.