Updated OpenPGP Security (markdown)
Dominik Schürmann
parent
3cdb0fa4be
commit
659e6137b4
|
|
@ -107,12 +107,13 @@ Bad examples can be found in dkg's blog post.
|
||||||
|
|
||||||
Answer based on [dkg's blog post: "OpenPGP User ID Comments considered harmful"](https://www.debian-administration.org/users/dkg/weblog/97) (CC-BY 4.0)
|
Answer based on [dkg's blog post: "OpenPGP User ID Comments considered harmful"](https://www.debian-administration.org/users/dkg/weblog/97) (CC-BY 4.0)
|
||||||
|
|
||||||
## Password meter on key creation
|
## Password meters
|
||||||
Currently, a very simple password meter is shown in the key creation wizard to encourage users to choose better passphrases to protect their keys.
|
Currently, a very simple password meter is shown in the key creation wizard to encourage users to choose better passphrases to protect their keys.
|
||||||
|
|
||||||
Studies have shown that password meters can indeed encourage the selection of better passwords:
|
Studies have shown that password meters can indeed encourage the selection of better passwords:
|
||||||
* ["How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation."](https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final209.pdf)
|
* ["How Does Your Password Measure Up? The Effect of Strength Meters on Password Creation."](https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final209.pdf)
|
||||||
* "Does my password go up to eleven?: the impact of password meters on password selection"
|
* "Does my password go up to eleven?: the impact of password meters on password selection"
|
||||||
|
* https://blogs.dropbox.com/tech/2012/04/zxcvbn-realistic-password-strength-estimation/
|
||||||
|
|
||||||
### Relevant links
|
### Relevant links
|
||||||
* https://gist.github.com/coruus/68a8c65571e2b4225a69
|
* https://gist.github.com/coruus/68a8c65571e2b4225a69
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue