There is no limit on the length of a passphrase,
Faramir
faramir.cl at gmail.com
Tue Oct 21 05:37:15 CEST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Shaw escribió:
> On Oct 20, 2008, at 10:15 PM, Morton D. Trace wrote:
...
>> GnuPG needs a pass phrase to protect the primary and
>> subordinate private keys that you keep in your possession.
...
>> What to do if the pass phrase needs to be stronger than what can be
>> practically typed?
>
> Rethink what you're trying to do.
IIRC, once I saw somebody saying 128 bits is more than enough for a
good passphrase. And that beyond that lenght, there was no real strengh
gains... But maybe I am not recalling it correctly...
Anyway, bruteforcing an 8 characters long SHA1 password, in a home
computer, would take months... even using several home computers to
shorten the time would not be practical... so unless the threat comes
from some first world government, or by somebody willing to spend a lot
of money to break the passphrase...
Best Regards
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQEcBAEBAgAGBQJI/U5qAAoJEMV4f6PvczxAWw0H/j4xeLxkqKhk/fbFr0TNLUPh
5RrJgR7fwnjFGnGO4b2GnMcesS/R36RI54jNmNvwZJCTRF9dkj2pPrwZPel9rj75
ZYpfwUAY5hUHmjhvqaos/bv+dC1j5dz0MEYP1klpXMAjRaXK/yuM2q13pSFFsMs3
9zJmNAbYQLSXyujvOh38C47f4BANufo6hexfEqlcrA6R4yMKbQT/CZcFcIDpLv9V
MgQULo5VXDBF3hhxgUS2WWyWy6pKG3j/MzINh0Z1YQIf7A2vOUCbvjQWeVKJbUr6
vsY9Fjl4lrDFhgdrlg/QvBkQyZVeR7fFdKpXfZJQSAT5LVEE9LmvSRkI+yBOGtw=
=gOpS
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list