There is no limit on the length of a passphrase,
faramir.cl at gmail.com
Tue Oct 21 05:37:15 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
David Shaw escribió:
> On Oct 20, 2008, at 10:15 PM, Morton D. Trace wrote:
>> GnuPG needs a pass phrase to protect the primary and
>> subordinate private keys that you keep in your possession.
>> What to do if the pass phrase needs to be stronger than what can be
>> practically typed?
> Rethink what you're trying to do.
IIRC, once I saw somebody saying 128 bits is more than enough for a
good passphrase. And that beyond that lenght, there was no real strengh
gains... But maybe I am not recalling it correctly...
Anyway, bruteforcing an 8 characters long SHA1 password, in a home
computer, would take months... even using several home computers to
shorten the time would not be practical... so unless the threat comes
from some first world government, or by somebody willing to spend a lot
of money to break the passphrase...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the Gnupg-users