On Dienstag, 7. Juli 2020 22:42:07 CEST Stefan Claas wrote: > Let's say you travel a lot and do not want to risk that your secret key > gets compromised due to border control etc. > > One simply uses the program passphrase2pgp, from GitHub[1] and when creating > the key and the passphrase is needed, one simply issues: > > echo -n 'simple password' | openssl dgst -sha256 -binary | base91 or base64 > and then one gets a string with an entropy of over 200, which is more than > secure. This would one IMHO allow to have a strong passphrase but generated > with an easy to remember password.
I'm sorry, but you cannot increase the entropy of "simple password" by hashing it. What you propose is "security by obscurity". And that was never a good idea. Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
