KeePass or any other password wallet to store and transport keys

antispam06 at sent.at antispam06 at sent.at
Mon Jul 23 01:39:12 CEST 2012


On Sun, Jul 22, 2012, at 16:25, Doug Barton wrote:
> On 07/22/2012 14:51, antispam06 at sent.at wrote:
> > Having a few private files opened with the key that resides on the same
> > hard drive unit, which I know it's a no–no.
> 
> Your private key is encrypted, right? Use a strong password for that and
> you're in fine shape.

Yes, security through obscurity. A possible attacker won't know for sure
which key is the useful one without opening the keychain. Or can he
know?

While we're at this one: the reason I am using KeePass is because I have
a hard time remembering one strong password. Having about 50 of them, a
different one for each account, it's a true pain. But a passphrase is
something completely different. It's harder to type. It employs far less
characters. Yet it can be looong. How about that? Is that any better? 45
ASCII lowercase with a uppercase ASCII and a couple of signs is better
than 16 random alphanumerics and signs?



More information about the Gnupg-users mailing list