GPG on Android

Werner Koch wk at
Mon Nov 5 10:41:20 CET 2018

On Sun,  4 Nov 2018 23:20, juergen at said:

> I for myself did configure MailDroid that way, that for each
> crypto-operation, decrypt, sign, encrypt I have to enter my passwort
> each time.

That does not help.  A bugged phone will for sure employ a keylogger and
thus you can also work without a passphrase.  To protect your key you
need to move the key to a separate hardware device (aka token).  This
may not help to protect you messages but at least you token must be close
to the device so that an attacker can make use of your keys.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <>

More information about the Gnupg-users mailing list