PGP Passphrases


A passphrase is a collection of words and characters used by PGP cryptography when you create a public/private key file set, whenever encrypted files are signed, and when files are decrypted.

 

Passphrases differ from passwords only in length. Passwords are usually short -- six to ten characters. Short passwords are acceptable for logging on to a computer system, but they are not safe for use with encryption systems. Passphrases are usually much longer -- up to 100 characters or more. Their greater length makes passphrases more secure.

 

Picking a good passphrase is one of the most important things you can do to preserve the privacy of the files you encrypt using PGP. A passphrase should be:

 

•        Known only to you

•        Long enough to be secure

•        Hard to guess -- even by someone who knows you well

•        Easy for you to remember and type accurately if necessary

•        Made up of a combination of upper and lower case characters and digits (for example: TesT03PhrasE)
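
The effect of length on guessing effort, as an added example that is not part of the FileLink documentation: it computes an upper bound on the brute-force search space and tests the machine-checkable criteria from the list above. The 20-character minimum and the sample strings are assumptions constructed for illustration; the bound assumes randomly chosen characters, so a phrase built from guessable words is weaker than the figure suggests.

```python
import math
import string

# Character classes an attacker's alphabet is built from.
CLASSES = {
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "digit": string.digits,
}
OTHER_POOL = 33  # 32 ASCII punctuation characters plus the space


def classes_used(secret):
    """Return the set of character classes present in the secret."""
    used = {name for name, chars in CLASSES.items() if any(c in chars for c in secret)}
    # Anything that is not an ASCII letter or digit is counted as "other".
    if any(c not in string.ascii_letters + string.digits for c in secret):
        used.add("other")
    return used


def brute_force_bits(secret):
    """Upper bound on search effort in bits: length * log2(alphabet size)."""
    if not secret:
        return 0.0
    used = classes_used(secret)
    pool = sum(len(CLASSES[name]) for name in used if name in CLASSES)
    if "other" in used:
        pool += OTHER_POOL
    return len(secret) * math.log2(pool)


def check(secret, min_length=20):
    """Evaluate the checkable criteria; min_length is an assumed threshold."""
    used = classes_used(secret)
    return {
        "long_enough": len(secret) >= min_length,
        "mixed_case_and_digits": {"lower", "upper", "digit"} <= used,
        "bits_upper_bound": round(brute_force_bits(secret), 1),
    }


if __name__ == "__main__":
    # Constructed samples: a short password, the page's example, a long phrase.
    for sample in ("tiger7", "TesT03PhrasE", "My 3 Cats nap On the Warm Radiator by 9"):
        print(f"{sample!r}: {check(sample)}")
```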

 

Important

FileLink secures your passphrase by saving it in an encoded format in the Windows registry along with its other settings. The passphrase is never displayed in the FileLink console window or written to any log file. Be aware, however, that it does appear in clear text in a script file. Specifying your passphrase during configuration is therefore the most secure method.