deloptes <delop...@gmail.com> writes: > The idea to upload encrypted password on some cloud service is scary
Then don't upload it to a cloud service :-) Instead, upload it to a specific host, one that you can make an informed trust decision about. > Passwords are usually kept in a safe place. Yes. Do you consider encrypted files, that can only be unlocked by one's private key, to be safe? > Especially private keys are not meant to be shared .... so I did not > understand what are you doing with your private gpg key? Do you have > it printed on paper? The private key for unlocking the database stays on the device where I'm using it. So yes, that means I need to be able to trust the device on which I unlock my passphrase database. That's entailed within the task: to access one's secret passphrases, one must do that on a device one trusts with that task. (Good sigmonster, have a cookie.) -- \ “Try adding “as long as you don't breach the terms of service – | `\ according to our sole judgement” to the end of any cloud | _o__) computing pitch.” —Simon Phipps, 2010-12-11 | Ben Finney
