I'm confident about myself and my own system, but forcing team members to observe all safety cases is very difficult.
--------------------------------- *وحید معانی* *Vahid Ma'ani* [email protected] | gnutips.ir On Dec 31, 2016 11:33 PM, "Lenz Weber" <[email protected]> wrote: > You do realize that an atacker that is deep enough in your system to > exploit your cached password also could just log your keystrokes as you > type the password? (More reliably if you do so very often) > > Of course using a low timeout is useful if you leave your PC unlocked a > lot, but not caching at all will not save you from most attacks. > > Am 31.12.2016 um 20:20 schrieb Vahid Ma'ani: > > It keeps passphrase for 5 minutes?!!!! > > No! No! No! I never use as it!! I want enter passphrase for each request! > > I prefer not to encrypt the unimportant information instead of making my > > important data insecure even for one minute. > > > > --------------------------------- > > *وحید معانی* > > *Vahid Ma'ani* > > [email protected] <mailto:[email protected]> | gnutips.ir > > <http://gnutips.ir> > > > > > > > > On Dec 31, 2016 10:13 PM, "Brian Candler" <[email protected] > > <mailto:[email protected]>> wrote: > > > > On 31/12/2016 11:04, Vahid Ma'ani wrote: > > > > "grep" option search content of crypted files and i should type > > passphrase some times for each search. > > > > > > Not if you use gpg-agent. It keeps your passphrase for 5 minutes. > > > > gpg-agent is invaluable for certain operations on the repo. For > > example, using "pass init" to change the set of keys that the > > passwords are encrypted for - it has to decrypt and re-encrypt every > > single file. And indeed, you don't want to have to type your > > passphrase for every one :-) > > > > > > > > _______________________________________________ > > Password-Store mailing list > > [email protected] > > https://lists.zx2c4.com/mailman/listinfo/password-store > > >
_______________________________________________ Password-Store mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/password-store
