Where to save passphrases?
Schlacta, Christ
aarcane at aarcane.org
Sat Jul 26 00:25:14 CEST 2014
I might suggest using the same passphrase you use for your password
manager for GPG. So long as you use a strong passphrase and practice
good password practices on this password, it should remain
uncompromised.
On Fri, Jul 25, 2014 at 2:36 PM, Mathias Bauer <mbauer at mailbox.org> wrote:
> * Sudhir Khanger wrote on Fri, 25 Jul 2014, at 23:10 (+0530):
>
>> I was wondering once you have a working setup where do you save
>> your passphrases of your master and multiple subkeys.
>
> Usually it's *one* passphrase for the whole GnuPG key material.
> And even more usually this one is stored in one's human brain.
> (Some special scenarios may handle this differently.)
>
>> Is it safe to use some soft of password manager? Not really
>> ideal but I use LastPass.
>
> Maybe human brain is not ready for storing a great and still
> growing number of passwords, but it is capable to store at least
> a very small number of important passphrases. For all those
> other passwords using a password manager may be just fine.
>
> So, if you're using a password manager for your GnuPG passphrase,
> you will either run immediately into a chicken egg dilemma as the
> manager needs a password, too. Or you might not be concerned at
> all about security and might ask yourself why using GnuGP anyway.
>
> I'm sorry, there are only these two possibilities.
>
> Regards,
> Mathias
>
> --
> CAcert Assurer
>
> Do you want to encrypt your mail? Then join CAcert and get your SSL
> certificate from https://www.CAcert.org. If you have any questions,
> don't hesitate to ask.
>
> OpenPGP: ID 0x44C3983FA7629DE8 - http://www.sks-keyservers.net
> Fingerprint: B100 5DC4 9686 BE64 87E9 0E22 44C3 983F A762 9DE8
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
More information about the Gnupg-users
mailing list