Security of PGP private keys
PGP secret keys are protected by a password. Yet people have said that one should not keep one's secret keyring on an insecure machine. Why? -- ____ Richard Kennaway __\_ / School of Information Systems Internet: jrk@sys.uea.ac.uk \ X/ University of East Anglia uucp: ...mcsun!ukc!uea-sys!jrk \/ Norwich NR4 7TJ, U.K.
*> > PGP secret keys are protected by a password. Yet people have said that one *> > should not keep one's secret keyring on an insecure machine. Why? *> *> Passwords are often guessable. Passwords may also be picked up over telephone lines. It is good to keep them short, wacko, and in human memory. #$%Osd(@ is a good one. -z
According to zeek@io.com:
*> > PGP secret keys are protected by a password. Yet people have said that one *> > should not keep one's secret keyring on an insecure machine. Why? *> *> Passwords are often guessable.
Passwords may also be picked up over telephone lines. It is good to keep them short, wacko, and in human memory.
#$%Osd(@ is a good one.
Ya right, about as good as qwerty, which is in many wordlists these days. J. Michael Diehl ;^) |*The 2nd Amendment is there in case the mdiehl@triton.unm.edu | Government forgets about the 1st! <RL> Mike.Diehl@f29.n301.z1 |*God is a good Physicist, and an even .fidonet.org | better Mathematician. <Me> al945@cwns9.ins.cwru.edu|*I'm just looking for the opportunity to (505) 299-2282 (voice) | be Politically Incorrect! <Me> Can we impeach him yet? |*Protected by 18 USC 2511 and 18 USC 2703.
participants (5)
-
Brad Huntting -
J. Michael Diehl -
jrk@sys.uea.ac.uk -
Perry E. Metzger -
zeek@io.com