Quote:
Originally Posted by Monotony
|
Exactly. Truecrypt doesn't use your password "as-is", but performs some cryptographic operations on it. The (pseudo)random number generator, that's part of this operation, starts with a seed. If the seed was a well-known or predictable value (like the time the truecrypt volume was created), an attacker would be able to generate data that is identical to the data your Truecrypt install generated when it created the container. By moving your mouse around, you are creating data that the attacker cannot predict or reproduce.