-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 28/03/2015 19:30, Daniel Kahn Gillmor wrote: > I suppose the underlying question is whether you think the user's > OpenPGP passphrase is one of these strong passphrases that they > should be able to remember, or whether you think it should be > delegated to the mechanized password store
I don't believe a password needs to be either insanely long or too complicated to remember. Surely it only needs to be something impossible to crack in a dictionary attack, yet based on something memorable to you but unknown to others. Personally I prefer my password to be reference to a book - and you haven't a snowball in hell's chance of knowing which book or what reference to it :-) I doubt if even my closest family would guess the book. Anne -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlUXxVkACgkQj93fyh4cnBdXzwCgi/b7eIu4OE22lVRe3CbYcP0Q H5UAniUwc7nMGFFB6SwY/i3PxhZkhARW =252z -----END PGP SIGNATURE----- _______________________________________________ enigmail-users mailing list [email protected] To unsubscribe or make changes to your subscription click here: https://admin.hostpoint.ch/mailman/listinfo/enigmail-users_enigmail.net
