What to Do if You Have Forgotten a PGP Key's Passphrase

Article:TECH148859  |  Created: 2005-12-09  |  Updated: 2011-02-07  |  Article URL http://www.symantec.com/docs/TECH148859
Article Type
Technical Solution


Issue



Resetting a PGP Key's passphrase.

 

 


Solution



PGP Corporation does not keep a record of user passphrases. As the passphrase is created by you during the key generation process, only you would know your passphrase. The following describes when a passphrase can or cannot be reset:

 

When a Passphrase CANNOT be Reset

The passphrase cannot be reset without a PGP Universal Server, PGP Keyserver 7.x, or when security questions have not been created in versions of PGP Desktop 9.7 and above. If you cannot use these reconstruction methods, we recommend generating a new keypair for future encryption needs. For instructions on generating a new keypair, please refer to the following articles:

HOW-TO: Create PGP Keys in PGP Desktop 9.0 - 9.6 for Windows
www.symantec.com/docs/HOWTO41894  
 

Manage PGP Keys with PGP Desktop 8.x
www.symantec.com/docs/TECH148877

 

Note: If your PGP Key has been uploaded to a public keyserver (e.g. PGP Global Directory), we recommend removing the key from the keyserver as someone could find that key, encrypt to it, and you would not be able to decrypt the data.


 

When a Passphrase CAN be Reset

The passphrase for your key can be reset if your organization is running PGP Universal Server, PGP Keyserver 7.x and have enabled PGP Key Reconstruction, or you have created security questions in PGP Desktop 9.7 and above. Key reconstruction is described in the following articles:

HOW TO: Reconstruct Your Private Key with PGP Desktop 9.x (Windows) in a PGP Universal Server managed environment
 www.symantec.com/docs/HOWTO41968

Key Reconstruction in PGP Desktop 9.7 - 9.10 for Windows
 www.symantec.com/docs/TECH149043

HOW TO: Setup Key Reconstruction in PGP Admin 8.x.
 www.symantec.com/docs/HOWTO41917

 

Crypto Concepts

  • PASSPHRASE SECURITY

    PGP software is made with strong cryptography that no one, not us, not even major governments can break. The plus side of this is that you can always rest assured that your information is safe from prying. The minus side is that if you forget your password then you cannot pry into it yourself. As PGP products use a passphrase which is associated with the keypair that is used for encrypting and decrypting, it is extremely important that this passphrase is protected. Password stealing trojans that can monitor keystrokes exist, which make it necessary to protect the physical access to your computer. Use firewalls to protect your network from invasion, and use up-to-date anti-virus software to protect your passphrase from being stolen.


 

 



Legacy ID



53


Article URL http://www.symantec.com/docs/TECH148859


Terms of use for this information are found in Legal Notices