Page MenuHome GnuPG

support specialized numeric9x4 format for symmetric passphrase
Open, NormalPublic


As part of the autocrypt spec, we propose a "backup code" format. This format is designed to contain high entropy, while retaining usability for handling by humans.

An example looks like this:

The idea of a 3 by 3 matrix is to make it easy for the user to keep track of where they are. The blocks of decimals can be easily retained in short term memory and have a low language barrier. Use of this passphrase format is indicated in a header in the ascii armor, to allow display of a specialized input mask. It would be very nice if GnuPG could grow support for this feature.

See also:

Event Timeline

In the autocrypt spec, this is called a "setup code", not a "backup code" :)

it's not clear to me what this request is asking for specifically though, given the architecture of GnuPG. I can think of a few things:

  • remove "unknown armor header:" warning about Passphrase-Format and Passphrase-Begin
  • pass this information through as a hint to pinentry during symmetric decryption
  • add this capability to (at least one of) the various pinentries

maybe it's best to break the request into these independently-manageable pieces?

Well, I gues it's complex enough to warrant strategic discussion, which can be done in this ticket :)

All of your points sound sensible. On top of that, it would be very nice if --import could recognize encrypted packets and handle them during import. That would help a lot for encouraging proper encryption during transport.

Please take discussions to the mailing list. A bug tracker is not a good place for it because only a few will see that.

werner triaged this task as Normal priority.Nov 8 2017, 7:01 PM