On 29/08/12 11:49, antispa...@sent.at wrote: > I felt offended by my own email: What is stopping PKI from growing. So I come > with a question: some security apps like TrueCrypt and KeePass allow the user > to > use a keyfile instead of a password.
Note that your changing access to the key from what you know (passphrase) into what you have (a file). That's quite a change that's often not what you want. In two-factor authentication, you use both. A smartcard with a PIN is an example. But depending on just "what you have"... Other than that, the suitability of a file depends on how it is turned into accessing the key (is it hashed?) and whether an attacker could just, for instance, try downloading mp3's of songs they know you like and try them as keys. Or take your private photo collection from a backup you left lingering around and try all those photo's. If the attacker has a collection of files which does contain the correct file, a computer should have no trouble at all trying all those files in a very short time. In short, it seems like a bad idea to me. Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at http://wwwhome.cs.utwente.nl/~lebbing/pubkey.txt _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
