Enforcing password complexity for private keys
Cyaniventer
cyaniventer at riseup.net
Tue Apr 30 15:20:59 CEST 2019
On Tue, 30 Apr 2019 06:55:07 -0400
David Milet <david.milet at gmail.com> wrote:
> Hello
>
> We’re considering rolling out GnuPG at work for developers to sign
> git commits. How can we prevent developers from choosing a trivial
> password?
>
> Is there a way for GnuPG to enforce some password complexity on the
> private keys?
imo long term solution will be to tell them more about passwords and
why choosing a good password is important.
Here are a few points you can include:
- how someone can crack their password
- what they can do to keep their accounts secure
- how to generate a good password
- how to use a password manager
--
Cyaniventer
BBBB 882A 5A00 FCB6 8704 E9BC 757D E342 DB4E 576C
More information about the Gnupg-users
mailing list