Morton D. Trace wrote: [...] > here are some random 20char ASCII pass phrases > > bash-3.00$ apg -a 1 -M S -n 20 -m 20 > ^;@_*-<|./|;&/._;}.! > ?<&!\+~&;[//.~_-!|+]
[...] I do actually use some passphrases like this, though usually with more letters and numbers in them (generated with gpg --gen-random -a for the most part). I make no attempt to remember them; I keep them in an application designed for the purpose (PasswordSafe). Given that, there's really no need to limit the length to 20 - since you're never going to type it, you may as well use as long a password as your application will accept. The drawback to this is that if my password store is not available to me then none of the passwords in it are either. I also have more conventional passphrases that I can remember and type, since there are always some things you're going to have to produce from memory, and there may be some things you don't want to trust to permanent storage at all. Pick the right tool for the job. I find that randomly generated passwords work fine for 90+% of my password needs though. :-) -C
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
