
Ask HN: Anyone Using Icedrive.net? - fmpwizard
I&#x27;m looking for an encrypted cloud drive and I found :
https:&#x2F;&#x2F;icedrive.net&#x2F;encrypted-cloud-storage<p>Can anyone here comment on their statement:<p>&gt; Icedrive is the only encrypted cloud storage solution to use the bulletproof twofish algorithm. Widely accepted by cryptographers as a more secure solution than AES&#x2F;Rijndael.<p>?<p>What I know about them and bothered me is that their sign up page restricts passwords to 32 characters max. Most of the time, when I see a site having such limits, they also have very questionable decisions all across their app.
======
mtmail
If that's the only concern just email them. I'd say the limit is the
web/backend framework default configuration. In mine I had to set 128
manually. In the configuration file there was a warning about the number of
stretches to set. A long password with high number of stretches can take 60s
to encrypt (decrypt is faster) and used to make a website unresponsive. Rather
look what the minimum password length policy is, if they support 2FA, all
indications they care to protect the password.

If really paranoid you can use open source, your own keys and a provider like
[https://www.borgbase.com/](https://www.borgbase.com/)

~~~
fmpwizard
the password length was part of the issue, but one where I need help with is
them saying: "Widely accepted by cryptographers as a more secure solution than
AES/Rijndael"

~~~
dylz
The part I'm more concerned about is that they turn off encryption completely
for free accounts, which implies the existence of some kind of remotely-
controllable "encryption killswitch"

