changing of passphrase

Michael H. Warfield mhw@wittsend.com
Thu Oct 11 22:45:02 2001


On Thu, Oct 11, 2001 at 03:28:32PM -0400, Douglas Elznic wrote:

> Hello,
> I was interested in changing my passphrase for my gpg key. It seems
> that if it is a good idea to change normal passwords from time to time
This is typically subject to debate.
> that it would also be a good idea to change gpg passphrases. When I
Apples != Oranges.
> enter passwd into the edit-key dialog it says that it is changing the
> passphrase for my 1024-bit DSA key, ID 13300731, created 2001-07-07.
> Will this change my passphrase for my secret key as well? I did not
> think that there were separate passwords for pub and private key but the
> output is confusing me. And how come changing of gpg passphrases
> regularly is not recommended anywhere in the docs?
1) Your public key does not have a passphrase on it. You changed the passphrase on your secret key and that's all.

2) What good does changing your passphrase do? If someone gets a copy of your secret key, you can change your passphrase until you're blue in the face and it will have no effect on their copy, and your old passphrase will still work on that old copy. It's not like the passphrase to an account somewhere, where changing the passphrase denies someone access. I suppose it might help if someone captured a copy of your secret key and then shoulder surfed you after you changed the passphrase or, conversely, happened to shoulder surf you typing in your passphrase and decided to go get your key but failed until after you changed the phrase. Those don't seem really high on the likely meter, though.

Why does it sound like a good idea to change gpg passphrases? What is the compromise threat model you envision here? If someone obtains your secret key, you can't change the passphrase on their copy. If they capture your old passphrase (like when you go to change it) they are all done. Changing it frequently is also more likely to make you forget the new one or to end up with different copies of your keyrings sitting around with different passphrases (that can't be good). It may not be a "bad" idea to change your passphrase, I just fail to see any advantage to changing it if you have a good solid secure passphrase to begin with.
> --
> +------------------+---------------------------------------------------+
> | Douglas Elznic   | GPG Key: <dfe@anize.org> 0x13300731               |
> +------------------+---------------------------------------------------+
> | Thinker-@-Large  | Pub key can be obtained from http://pgp.dtype.org |
> | dfe@anize.org    | Fingerprint:                                      |
> | dfelznic@syr.edu | EF9C 7E3C 0327 EAAF 1E20 5299 0805 7531 1330 0731 |
> | http://anize.org | All emails should be signed by the above key.     |
> +----------------------------------------------------------------------+
> | They that can give up essential liberty to obtain a little temporary |
> | safety deserve neither liberty nor safety... Benjamin Franklin 1759  |
> +----------------------------------------------------------------------+
Mike
--
Michael H. Warfield    |  (770) 985-6132   |  mhw@WittsEnd.com
(The Mad Wizard)       |  (678) 463-0932   |  http://www.wittsend.com/mhw/
NIC whois:  MHW9       |  An optimist believes we live in the best of all
PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
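The point Mike makes above, that the passphrase only wraps the secret key at rest and that changing it re-encrypts your own copy while any copy taken earlier still opens with the old passphrase, can be shown with a small model. The following is an added example, not code from the thread or from GnuPG; it uses a constructed toy key-wrapping scheme (PBKDF2 to derive a key from the passphrase, an HMAC-based keystream, and an HMAC tag so a wrong passphrase is detected) rather than GnuPG's real secret-key format, and the function names `wrap_secret_key`, `unwrap_secret_key`, `change_passphrase` and `demo` are this example's own.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed toy model of a passphrase-protected secret key. This is NOT
# GnuPG's on-disk format; it only models the property that the passphrase
# encrypts the key material at rest and nothing else.

ITERATIONS = 100_000  # PBKDF2 work factor for the toy scheme


def _kdf(passphrase: str, salt: bytes) -> bytes:
    # Derive 64 bytes: first half encrypts, second half authenticates.
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Counter-mode keystream built from HMAC-SHA256 (toy construction).
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def wrap_secret_key(secret: bytes, passphrase: str) -> dict:
    """Encrypt raw key material under a passphrase (fresh salt and nonce)."""
    salt = os.urandom(16)
    nonce = os.urandom(16)
    derived = _kdf(passphrase, salt)
    enc_key, mac_key = derived[:32], derived[32:]
    ct = bytes(a ^ b for a, b in zip(secret, _keystream(enc_key, nonce, len(secret))))
    tag = hmac.new(mac_key, salt + nonce + ct, "sha256").digest()
    return {"salt": salt, "nonce": nonce, "ct": ct, "tag": tag}


def unwrap_secret_key(blob: dict, passphrase: str) -> Optional[bytes]:
    """Return the key material, or None if the passphrase is wrong."""
    derived = _kdf(passphrase, blob["salt"])
    enc_key, mac_key = derived[:32], derived[32:]
    expected = hmac.new(mac_key, blob["salt"] + blob["nonce"] + blob["ct"], "sha256").digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None  # wrong passphrase (or tampered blob)
    stream = _keystream(enc_key, blob["nonce"], len(blob["ct"]))
    return bytes(a ^ b for a, b in zip(blob["ct"], stream))


def change_passphrase(blob: dict, old: str, new: str) -> dict:
    """Re-wrap the SAME key material under a new passphrase."""
    secret = unwrap_secret_key(blob, old)
    if secret is None:
        raise ValueError("old passphrase rejected")
    return wrap_secret_key(secret, new)


def demo() -> dict:
    """Walk through the scenario from the thread and report what holds."""
    secret = os.urandom(32)  # stands in for the private key material
    mine = wrap_secret_key(secret, "correct horse")
    stolen = dict(mine)  # a copy of the keyring taken before the passphrase change
    mine = change_passphrase(mine, "correct horse", "battery staple")
    return {
        # Your own copy now rejects the old passphrase...
        "new_copy_rejects_old": unwrap_secret_key(mine, "correct horse") is None,
        # ...and opens with the new one.
        "new_copy_opens_with_new": unwrap_secret_key(mine, "battery staple") == secret,
        # The earlier copy is untouched: the old passphrase still opens it.
        "old_copy_still_opens": unwrap_secret_key(stolen, "correct horse") == secret,
        # Both copies hold identical key material; only the wrapping changed.
        "key_material_unchanged": unwrap_secret_key(mine, "battery staple")
        == unwrap_secret_key(stolen, "correct horse"),
    }


if __name__ == "__main__":
    for name, holds in demo().items():
        print(f"{name}: {holds}")
```

Every entry `demo()` returns is True, which is the whole argument in one run: rotating the passphrase protects only the copy you rotate. The mitigation for a suspected copy of the secret key is a revocation certificate and a new key pair, not a new passphrase.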