Import of key from PGP secret keyring
Fri Feb 22 09:24:01 2002

Hash: RIPEMD160

Lapo Luchini wrote:
> The imported is protected frmo key indeed... but not the actual key, but
> the key with which i created the PGP key!!!
> Some years ago I thought that key to be too much insecure and I changed
> pwd of my secret key with a new, longer, key... and
> when I found out that the imported GPG key actually used the *old* key
> my mouth hanged open... this means that, while PGP
> asks me for the new password, all my secret key can be obtained using
> only my old (and less secure) password...

probably you imported from keyring backup or something..

after changing pasphrase, don't forget that if you have key
backup(s) (and you should have) they are still protected with old
pasphrase, so you may want to destroy old backup(s) and create
new one(s).

Disastry <----PGP plugins for Netscape and MDaemon
 ^----PGP 2.6.3ia-multi05 (supports IDEA, CAST5, BLOWFISH, TWOFISH,
      AES, 3DES ciphers and MD5, SHA1, RIPEMD160, SHA2 hashes)
Version: Netscape PGP half-Plugin 0.15 by Disastry / PGPsdk v1.7.1