I have decided to get serious about off site backups. Naturally, I don't want my data to be readable by prying eyes, so I'm encrypting it. I've done some research, and it's obvious that passwords suck. If my encrypted data is not physically in my possession — it could be in the cloud, at a friend's house, in a safe deposit box, or whatever — then all an attacker needs is enough time to crack it. Worse, the time during which an attack might be detected is only however long it takes to make a copy. After obtaining that copy they can spend all the time they need to crack it.
According to Wikipedia, "As of 2011, commercial products are available that claim the ability to test up to 2,800,000,000 passwords per second...Such a device can crack a 10 letter single-case password in one day." Passwords really suck.
OK, so I need to use a much stronger key to protect the encrypted data. This is not difficult, a few hundred randomly-generated characters is more than enough. But it's also more than I can commit to memory so I have to store THAT somewhere safe, too. Did I mention the application is an off site backup? The idea being, of course, that if the primary copy of my data is destroyed I have something I can recover from. So I need to store the key somewhere that's not likely to be involved in any event that takes out my primary data. Something that fits in my wallet, perhaps, so it's in my physical control. But wallets can be stolen, and if Evil Attacker is reading this he'll know just where to look for my key file.
So I believe (and apparently so do many others in the industry) that a good solution has two factors: something I have (the key file) combined with something I know (a... password). If I store my key file on something that's password protected then I have two-factor protection.
But passwords suck. What I really need is a key file storage device that can resist a brute force attack. I've heard of smart cards and USB devices that use built-in hardware encryption and will wipe their keys after some number of failed attempts. I imagine even they can be defeated in a sufficiently-equipped lab, but really, I'm not that important or interesting.
Are these devices all they're hyped up to be? What other solutions should I consider?"