Confirmation for cached passphrases useful?

MFPA expires2010 at ymail.com
Thu Oct 14 23:58:25 CEST 2010


Hi


On Thursday 14 October 2010 at 3:18:47 PM, in
<mid:4CB71147.5090805 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:


> This strikes me as the worst suggestion on this thread
> so far.  Please, do not store the passphrase to your
> secret key in the clear in a file on your computer, and
> do not suggest that other people do so.

It was a non-serious suggestion of a simple, albeit obviously
insecure, way to overcome the two issues you mentioned in your
previous posting (about re-typing the passphrase each time the secret
key gets used being annoying and potentially insecure). As Dan Cowsill
points out, there are "password managers" available that allow the
user to copy/paste their passphrase in much the same way but store it
in an encrypted database.


> That's even
> worse than writing it on a post-it note and taping it
> to your monitor.

That would depend on your threat model...


--
Best regards

MFPA                    mailto:expires2010 at ymail.com

Another person's secret is like another person's money:
you are not as careful with it as you are with your own



