How is the private key protected?
Last Updated 2 months ago
The private key is only stored in encrypted form, using PGP symmetric encryption (1).
The user's password is converted to an AES-256 key using
OpenPGP's Iterated and Salted S2K (2). The iteration code is set to 192,
which corresponds to approx. 4 MB of data to hash (password+salt iterated) for a single password.
This makes the password very slow to brute-force (3). All decryption is done on the user's own computer; the password is never sent to our server.
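The key derivation described above, as an added example (not this service's own code): Iterated and Salted S2K as specified in RFC 4880, section 3.7.1.3, written in Python. The hash algorithm is not stated on this page, so SHA-256 is an assumption, as are the function names and the constructed sample password and salt.

```python
import hashlib
import time

def decode_count(coded: int) -> int:
    """Expand the one-octet S2K coded count into octets to hash (RFC 4880, 3.7.1.3)."""
    if not 0 <= coded <= 255:
        raise ValueError("coded count must fit in one octet")
    return (16 + (coded & 15)) << ((coded >> 4) + 6)

def s2k_iterated_salted(password: bytes, salt: bytes, coded: int = 192,
                        key_len: int = 32, hash_name: str = "sha256") -> bytes:
    """Derive key_len octets from password with Iterated and Salted S2K."""
    if len(salt) != 8:
        raise ValueError("S2K salt is exactly 8 octets")
    unit = salt + password
    # The count is octets hashed, not rounds; salt+password is always hashed
    # at least once in full, even if the count is smaller.
    total = max(decode_count(coded), len(unit))
    full, rest = divmod(total, len(unit))
    key, context = b"", 0
    while len(key) < key_len:
        h = hashlib.new(hash_name)
        # When one digest is shorter than the key, extra contexts are used,
        # each preloaded with one more zero octet than the previous one.
        h.update(b"\x00" * context)
        for _ in range(full):
            h.update(unit)
        h.update(unit[:rest])  # final repetition is truncated at the count
        key += h.digest()
        context += 1
    return key[:key_len]

if __name__ == "__main__":
    salt = bytes.fromhex("0102030405060708")   # constructed sample salt
    password = b"correct horse battery staple"  # constructed sample password
    print("octets hashed per guess:", decode_count(192))  # 4194304 (4 MiB)
    start = time.perf_counter()
    key = s2k_iterated_salted(password, salt)
    print("AES-256 key:", key.hex())
    print(f"one guess took {time.perf_counter() - start:.3f}s on this machine")
```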
(1) Read more about OpenPGP symmetrical encryption here:
(2) Read more about OpenPGP S2K here:
Read below how to create strong memorable passwords: