Where to save passphrases?

Mathias Bauer mbauer at mailbox.org
Fri Jul 25 23:36:05 CEST 2014


* Sudhir Khanger wrote on Fri, 25 Jul 2014, at 23:10 (+0530):

> I was wondering once you have a working setup where do you save
> your passphrases of your master and multiple subkeys.

Usually it's *one* passphrase for the whole GnuPG key material.
And even more usually this one is stored in one's human brain.
(Some special scenarios may handle this differently.)

> Is it safe to use some soft of password manager? Not really
> ideal but I use LastPass.

Maybe human brain is not ready for storing a great and still
growing number of passwords, but it is capable to store at least
a very small number of important passphrases.  For all those
other passwords using a password manager may be just fine.

So, if you're using a password manager for your GnuPG passphrase,
you will either run immediately into a chicken egg dilemma as the
manager needs a password, too.  Or you might not be concerned at
all about security and might ask yourself why using GnuGP anyway.

I'm sorry, there are only these two possibilities.

Regards,
Mathias

-- 
CAcert Assurer

Do you want to encrypt your mail?  Then join CAcert and get your SSL
certificate from https://www.CAcert.org.  If you have any questions,
don't hesitate to ask.

OpenPGP:  ID 0x44C3983FA7629DE8 - http://www.sks-keyservers.net
Fingerprint: B100 5DC4 9686 BE64 87E9  0E22 44C3 983F A762 9DE8
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: </pipermail/attachments/20140725/206a241c/attachment-0001.sig>


More information about the Gnupg-users mailing list