Hi Werner I know its not the perfect setup, but it is practicable for me, and as i usually just work with subkeys i feel on a more safe side with this. Tokens are always a good idea, and if anyone can use them its recommended to do it that way.
There are good reasons why GPG supports Tokens/Cards by default ;) best regards Juergen Am 05.11.18 um 10:41 schrieb Werner Koch: > On Sun, 4 Nov 2018 23:20, juer...@bruckner.tk said: > >> I for myself did configure MailDroid that way, that for each >> crypto-operation, decrypt, sign, encrypt I have to enter my passwort >> each time. > > That does not help. A bugged phone will for sure employ a keylogger and > thus you can also work without a passphrase. To protect your key you > need to move the key to a separate hardware device (aka token). This > may not help to protect you messages but at least you token must be close > to the device so that an attacker can make use of your keys. > > > Shalom-Salam, > > Werner > > -- Juergen M. Bruckner juer...@bruckner.tk
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
