On Jan 8, 2008 12:46 AM, Matthew Bosworth <[EMAIL PROTECTED]> wrote: > > * I don't want to be prompted for a fresh passphrase whenever I > > encode--just when I decode. Would that be possible? > > I go back and forth on this one. I could hash the password and store > it in the decrypted text. The pro is that you don't have to re-enter > the password when you're encoding. The con is that there's a > potential for someone to grab the hashed password while the file is > decoded and be able to use it to decode the file later... Of course, > if they can grab the password, they can grab any other data too. > Writing security apps makes you paranoid... What do y'all think ?
I don't know either. That's why I asked you! :-) -Chuck -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-lpsg
