[Enigmail] Paste passphrase from clipboard into pinentry dialogbox

Doug Barton dougb at dougbarton.email
Sun Mar 29 23:11:48 CEST 2015


On 3/29/15 2:32 AM, Samir Nassar wrote:
> On Sunday, March 29, 2015 10:26:53 AM Anne Wilson wrote:
>> Personally I prefer my
>> password to be reference to a book - and you haven't a snowball in
>> hell's chance of knowing which book or what reference to it :-)  I
>> doubt if even my closest family would guess the book.
>
> You might be wrong, you might be right, at most you are right for the
> situation you live in.
>
> Part of the discussion happening here is about general principles that cover
> cases where the risk is assessed to be adversaries who are making trillion
> guesses per second.

Um, no, it really isn't. :)  The two components of your sentence 
"general principles," and "adversaries ..." don't go together, at all.

Yes, there are some people who use PGP for serious, even potentially 
life-threatening purposes. Those people need really strong pass phrases, 
and perhaps even ones that are so long that they cannot be remembered, 
or typed easily.

But the vast majority of PGP users are doing it because it's fun, and 
have no need for that kind of drama. Is it nice to encourage good 
operational practices for pass phrases for the "general" type of user? 
Of course it is, and we should do that. But pretending that super-long, 
untypable pass phrases apply to anyone except an extreme few is just 
silliness.

But worse than it being ridiculous on its face, by pretending that these 
kinds of practices are, or should be commonplace it makes it harder for 
people how would like to learn about encryption to do so.

Doug

-- 
I am conducting an experiment in the efficacy of PGP/MIME signatures. 
This message should be signed. If it is not, or the signature does not 
validate, please let me know how you received this message (direct, or 
to a list) and the mail software you use. Thanks!


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.enigmail.net/pipermail/enigmail-users_enigmail.net/attachments/20150329/490251df/attachment.sig>


More information about the enigmail-users mailing list