On 03/05/2013 10:29 PM, Peter Bisroev wrote: [snip] > 100% agree. Having unencrypted private keys was one of the reasons > that I have started looking into OTP/TOTP. At this point, I think it > is probably better to force "untrusted" users (those who cannot be > trusted to keep their private keys encrypted) to use TOTP with > sufficiently long passwords (login_totp-and-pwd) and allow trusted > users a bit more freedom. [snip]
What level of encryption is deemed adequate nowadays? Regards, /Lars