Hi, Some people have started to suggest that actually writing down passwords, if they're kept in a secure place, might not be a bad idea; the rationale is that passwords which can be considered "good" are reaching the point of being un-memorizable.
Assuming for the moment that this is the case (whether it really is or not isn't clear, I think), it seems that copying some arbitrary chunk out of the middle of some GPG encryption output (with -a, e.g. "QhRuM+W4xC9qnPvn") might be a good source of password material. It's random-looking to the untrained eye, but how random is it really? It occurred to me that the ascii-armoring process might introduce weaknesses that aren't obvious, but I don't follow the guts of the process well enough to be sure. Thanks! -C
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
