Fwd: The GnuPR FAQ

Robert J. Hansen rjh at sixdemonbag.org
Tue May 12 00:11:27 CEST 2020

This arrived in my inbox: I'm presenting it here without comment.  My
response will be following in a moment.

-------- Forwarded Message --------
Subject: 	The GnuPR FAQ
Date: 	Mon, 11 May 2020 14:19:07 -0600
From: 	James Long <crogonint at gmail.com>
To: 	rjh at sixdemonbag.org


I'm just getting started on a write-up with instructions explaining how
to use all of the new options in GnuPG to set it up in the various email
clients and browsers.

I noticed on this page:
You've advised people to use a HORRIBLE practice of using dictionary
words solely for their password. I tested this theory myself back in the
day, so I can 100% guaranty you of this fact: A brute force dictionary
based attack can crack a password like that in LESS THAN 5 minutes!! I
once stretched that out to 20 minutes by cleverly picking words that I
already knew were at the opposite ends of the dictionary.

This was back in the Pentium II days!! Processors these days could
likely crack a dictionary based password in a matter of seconds. 

I'm sorry, but that particular bit of advise is terrible and needs to be
changed. If you guys accept public assistance, I could go through the
instruction / FAQ pages for you, update them, then submit them to you
for approval.

Since I'm already writing updated instructions anyway. ;) 
 - James T. Long

There are 10 kinds of people in the world - those who understand binary,
and those who don't.

More information about the Gnupg-users mailing list