Confirmation for cached passphrases useful?

Daniel Kahn Gillmor dkg at
Tue Oct 12 05:05:45 CEST 2010

On 10/11/2010 09:56 PM, Larry Brower wrote:
> This seems like something that would get really annoying really
> quickly. Why not just change settings to not cache the passphrase if
> you do not like using it this way ?

re-entering the passphrase each time is significantly more annoying than
confirming its use in a reasonable context.  (and re-entering the
passphrase every time the secret is used is less secure than a simple
confirmation prompt, since it trains the user to type their passphrase
over and over again)


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101011/482c8d94/attachment.pgp>

More information about the Gnupg-users mailing list