What do if forgot password?

Faramir faramir.cl at gmail.com
Fri Feb 6 23:15:19 CET 2009

Hash: SHA256

don rhummy escribió:
> What does GPG have to recover my data if i forgot my password?

  Absolutely nothing.

  Assuming you are making your question to know what preventive measures
to take, maybe you can store _in a safe place_ a backup of your key
without a passphrase... but that would mean that anybody having access
to that backup can steal your key. Another option could be to remove the
passphrase, print the key with paperkey, store the printed backup in a
safe place (and don't forget some insects can eat paper). And set again
the passphrase of your key. The printed backup has some advantages:

1.- If stored in a dry and dark place, safe from fungus or insects, it
can last for a really long time.
2.- It is stored "off-line" (of course, it's a printed sheet of paper),
so no trojan can steal it.
3.- Probably, anybody that finds it, won't have any idea about what are
those funny numbers (of course, if "somebody" means "NSA expert" he
would probably recognise what the paper is, and would get an
_unprotected copy of your key!_)

  Since my concern is about being "hacked", but not about being
investigated by government, I don't need to hide my backups under a
stone in the middle of a forest... any backup safe from a computer
trojan, or a fire affecting my house is good enough for me. But maybe
that is not your case.

  Best Regards
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


More information about the Gnupg-users mailing list