Where to save passphrases?

Mathias Bauer mbauer at mailbox.org
Fri Jul 25 23:36:05 CEST 2014

* Sudhir Khanger wrote on Fri, 25 Jul 2014, at 23:10 (+0530):

> I was wondering once you have a working setup where do you save
> your passphrases of your master and multiple subkeys.

Usually it's *one* passphrase for the whole GnuPG key material.
And even more usually this one is stored in one's human brain.
(Some special scenarios may handle this differently.)

> Is it safe to use some soft of password manager? Not really
> ideal but I use LastPass.

Maybe human brain is not ready for storing a great and still
growing number of passwords, but it is capable to store at least
a very small number of important passphrases.  For all those
other passwords using a password manager may be just fine.

So, if you're using a password manager for your GnuPG passphrase,
you will either run immediately into a chicken egg dilemma as the
manager needs a password, too.  Or you might not be concerned at
all about security and might ask yourself why using GnuGP anyway.

I'm sorry, there are only these two possibilities.


CAcert Assurer

Do you want to encrypt your mail?  Then join CAcert and get your SSL
certificate from https://www.CAcert.org.  If you have any questions,
don't hesitate to ask.

OpenPGP:  ID 0x44C3983FA7629DE8 - http://www.sks-keyservers.net
Fingerprint: B100 5DC4 9686 BE64 87E9  0E22 44C3 983F A762 9DE8
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: </pipermail/attachments/20140725/206a241c/attachment-0001.sig>

More information about the Gnupg-users mailing list