gpg-agent cache keygrip

MFPA 2014-667rhzu3dc-lists-groups at riseup.net
Thu Jul 27 13:27:30 CEST 2017


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



On Thursday 27 July 2017 at 10:46:33 AM, in
<mid:e74cc71a-5049-403b-32e0-ba9f0fe3f4a8 at digitalbrains.com>, Peter
Lebbing wrote:-


> On 27/07/17 11:24, MFPA wrote:
>> Have you considered using a password manager to
>> remember them?

> What would be the purpose?

I guess I should have trimmed my quote less severely. Using a password
manager would enable somebody who says they cannot remember multiple
decent-quality unique passwords to not share passwords between
different keys.



> Adding a passphrase manager only introduces another
> layer of indirection
> plus extra steps for the user to unlock their key,

Extra steps to open the password manager. Once open there are no extra
steps for subsequent unlocking of the user's GnuPG key; it may even
speed things up in the event that the password manager types
passphrases quicker than the user can type them.


> but it seems to solve
> no actual problem. It just moves the item that is of
> interest to the
> attacker.

The single point of failure stops being a passphrase used across
multiple keys; it becomes the password required to open the password
manager that protects the multiple passphrases.


- --
Best regards

MFPA                  <mailto:2014-667rhzu3dc-lists-groups at riseup.net>

COMMITTEE: A body that keeps minutes and wastes hours.
-----BEGIN PGP SIGNATURE-----

iNUEARYKAH0WIQQzrO1O6RNO695qhQYXErxGGvd45AUCWXnOJ18UgAAAAAAuAChp
c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0MzNB
Q0VENEVFOTEzNEVFQkRFNkE4NTA2MTcxMkJDNDYxQUY3NzhFNAAKCRAXErxGGvd4
5AZ3AQCaNMl2oJ3kDWTPScP4OvPcVmsyWa7C7+ZF/aBd9m8hSAD+KuwBpBMkbpp+
y5gn1fXIMZ5NLR8OXKIWF8nR32oNvASJAZMEAQEKAH0WIQSzrn7KmoyLMCaloPVr
fHTOsx8l8AUCWXnOMl8UgAAAAAAuAChpc3N1ZXItZnByQG5vdGF0aW9ucy5vcGVu
cGdwLmZpZnRoaG9yc2VtYW4ubmV0QjNBRTdFQ0E5QThDOEIzMDI2QTVBMEY1NkI3
Qzc0Q0VCMzFGMjVGMAAKCRBrfHTOsx8l8Hl8B/4xUCdIUueGMVTrU0bSd79ityjN
oJQWk15Hz5tX/3BnVnn8xJMECTquow1Nf1XmwxKyaqME9pDtXPbFBHp+WzV04glT
FD/4SgE0BPTtyadGbDHYaE0rHHPL1bzFg4f3F8uRz9otSHC6KeTLAhBJxBYQaK++
qYe2npD+IAUUU1sPluWGhrPWnu99c2Tw8REq/BH0T2sk4zwIkYTedGX1eExzH7Hw
Kjdh9uMuBa1rWfaaYfsOnDrzvkdW3kmiu8ngdE4BCVEVtzqSvmDBP8+dxgZKzESK
Bc5+HY2/pyB+0tWJ+Yaa8ilFeD9LDIbokrr/Iiyw0Frv3sVhXgrLhPYW2YYW
=2vsb
-----END PGP SIGNATURE-----




More information about the Gnupg-users mailing list