Kara karadenizi at gmail.com wrote on Wed Jul 20 02:18:16 CEST 2011:

>> Is it a bad idea to place your secring in dropbox?
>Using a decent password generator and specifying a mix of upper and lower case letters, digits, and special characters, how many total characters -- as a minimum -- would you recommend such a password be?

>Any particular password generator program you would recommend?

-----

A simple alternative would be to create a truecrypt container, allowing truecrypt to generate its own keyfile. Store the keyfile in a secure, retrievable place (not in the cloud), and you can leave the password blank.

To answer your question; assuming that at some point, the 'cloud' will have resources to brute force passphrases that might be considered safe 'now', but still not enough to brute force a 2^256 or even a 2^128 symmetrical cipher, then, symmetrically encrypt any file using either AES, Twofish, or Camellia, and then decrypt it with the gnupg option of '--show-session-key'.

Gnupg will display a random 64 character string. Use the entire string as your passphrase, (or half of it, if you feel comfortable that the combined sources of the cloud will not be able to brute-force a 128 bit keyspace in your lifetime ;-) )

If you find such a string difficult to remember, then consider Diceware.

http://world.std.com/~reinhold/diceware.html

(afaik, there is no computerized dice generator that will produce acceptably random results, so you'll need 5 dice.)

The Diceware keyspace is 7776 (6 possibilities for a die throw, 5 throws, 6^5 = 7776).

[ 7776^10 ~= 8.08 x 10^38 ] > [ 2^128 ~= 3.40 x 10^38 ]
[ 7776^20 ~= 6.53 x 10^77 ] > [ 2^256 ~= 1.58 x 10^77 ]

A 10 word Diceware passphrase should be more than enough.

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users
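Added example, not part of the original message: a Python sketch that works out how many Diceware words, mixed-class characters, or session-key characters are needed to cover a 128-bit or 256-bit keyspace, and turns five physical die throws into the lookup key for a Diceware list. The 94-symbol printable-ASCII alphabet and the reading of the 64-character string as hexadecimal are assumptions; the sample throws are constructed.

```python
import math

DICEWARE_WORDS = 6 ** 5   # 7776 list entries, one per five-dice throw
PRINTABLE_ASCII = 94      # assumption: upper, lower, digits, specials (no space)
HEX_DIGITS = 16           # assumption: the 64-character string is hexadecimal


def min_symbols(alphabet_size, target_bits):
    """Smallest n with alphabet_size**n >= 2**target_bits (exact integer math)."""
    if alphabet_size < 2 or target_bits < 1:
        raise ValueError("need alphabet_size >= 2 and target_bits >= 1")
    n, space, goal = 0, 1, 1 << target_bits
    while space < goal:
        space *= alphabet_size
        n += 1
    return n


def entropy_bits(alphabet_size, length):
    """Entropy of `length` symbols drawn uniformly and independently."""
    return length * math.log2(alphabet_size)


def rolls_to_key(rolls):
    """Five physical die throws -> the 5-digit key printed in a Diceware list."""
    if len(rolls) != 5 or any(r not in (1, 2, 3, 4, 5, 6) for r in rolls):
        raise ValueError("a Diceware word needs exactly five throws, each 1-6")
    return "".join(str(r) for r in rolls)


def rolls_to_index(rolls):
    """Zero-based position (0..7775) of that word in a list sorted by key."""
    index = 0
    for digit in rolls_to_key(rolls):
        index = index * 6 + (int(digit) - 1)
    return index


if __name__ == "__main__":
    for bits in (128, 256):
        print(f"{bits}-bit keyspace: "
              f"{min_symbols(DICEWARE_WORDS, bits)} Diceware words, "
              f"{min_symbols(PRINTABLE_ASCII, bits)} mixed characters, "
              f"{min_symbols(HEX_DIGITS, bits)} hex digits")
    sample = [1, 6, 6, 6, 5]  # constructed throws, not passphrase material
    print(rolls_to_key(sample), "-> list position", rolls_to_index(sample))
```

The lengths only hold when every symbol or word is chosen uniformly at random; a passphrase a person picks themselves has less entropy than these figures suggest.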