Use both. Keep your key file in your flash drive and bring it allways with you. But not somwhere on desktop (it is the same as writing password on sticky notes). I'm using this way to my encrypted HDD partition (with truecrypt). So if anybody still somehow get your password, they need keyfile too.
↧
