This arrived in my inbox: I'm presenting it here without comment. My response will be following in a moment.
-------- Forwarded Message -------- Subject: The GnuPR FAQ Date: Mon, 11 May 2020 14:19:07 -0600 From: James Long <crogon...@gmail.com> To: r...@sixdemonbag.org Greetings! I'm just getting started on a write-up with instructions explaining how to use all of the new options in GnuPG to set it up in the various email clients and browsers. I noticed on this page: https://www.gnupg.org/faq/gnupg-faq.html You've advised people to use a HORRIBLE practice of using dictionary words solely for their password. I tested this theory myself back in the day, so I can 100% guaranty you of this fact: A brute force dictionary based attack can crack a password like that in LESS THAN 5 minutes!! I once stretched that out to 20 minutes by cleverly picking words that I already knew were at the opposite ends of the dictionary. This was back in the Pentium II days!! Processors these days could likely crack a dictionary based password in a matter of seconds. I'm sorry, but that particular bit of advise is terrible and needs to be changed. If you guys accept public assistance, I could go through the instruction / FAQ pages for you, update them, then submit them to you for approval. Since I'm already writing updated instructions anyway. ;) - James T. Long ------------ There are 10 kinds of people in the world - those who understand binary, and those who don't. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users