Hi!
Matt Kinni schrieb:
Everyone says it should be as long as possible (...) What do you think?
You might find this interesting read:
<http://www.schneier.com/blog/archives/2007/01/choosing_secure.html>
Also keep in mind that in order to attack your password, an attacker
would first have to access your secret keyring (unless you use GnuPg for
symmetric encryption).
As to what I think personally, around 15 pretty random characters would
be quite enough for my threat model. I don't expect the NSA to throw all
their supercomputers at cracking my passphrase, though ;-)
HTH, Sven
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
