[Winpt-users] Winpt-users Digest, Vol 13, Issue 1
Timo Schulz
twoaday at gmx.net
Thu Oct 26 09:15:41 CEST 2006
Vineet Madan wrote:
> the passphrase is stored where in memory. can any body access that
> memory to extract my passphrase.
Is this a question? If you disable the passphrase cache, it is
just hold temporary for the operation.
> so can that memory be accessed by me too to see my passphrase if i forget
> it...
No. The passphrase will be only cached when WinPT is _running_ and
the feature is _enabled_. And even then you have to enter it once
to enable caching. IF you quit WinPt, the cache will be flushed
(deleted). So if you forget the passphrase, it's gone.
! This is why anybody should generate a key revocation certificate
right after the key generation and store it on a safe place.
*If* you lost your secret key/passphrase/something similiar
you can import the revoc cert and make the entire key unuseable.
Of course you need to send it to a key server then to spread the key. !
Timo
More information about the Winpt-users
mailing list