-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

No Reply wrote:
> When the passphrase is invalid, there is about a 10 second pause before
> gpg exits and the next attempt can be made.

The pause, I think, is GPG trying to use other methods to decrypt using
that passphrase, I always found that PGP and GPG pause longer an on an
invalid passphrase than a valid one. It probably has to do with trying
possible compression/decryption algo's to make a passphrase work even if
its different from the one specified in the files info.
- --
David Wade Hagar AKA Cyclops

http://members.cox.net/dwhagar
http://www.livejournal.com/users/dwhagar
http://genius-of-lunacy.blogspot.com/

"It's sick, but it serves a purpose." - Bill Cosby
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
Comment: http://members.cox.net/dwhagar/personal-key.asc
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iEYEARECAAYFAkHV5l4ACgkQbPwf4VgkRDvU2gCg3mIsAHFPUQ q+WpkeFfmLIxo5
l3kAoK8TyBshYE7s3U1qn6lAVygdp4/a
=doxv
-----END PGP SIGNATURE-----

On 31 Dec 2004 18:46:02 GMT, No Reply wrote:

>When the passphrase is invalid, there is about a 10 second pause before
>gpg exits and the next attempt can be made.
>
Usually (good) programs which use password authentication adds a delay
to extend the minimize the risk in an event of a brute force attack.
It takes much longer to brute force with a delay added.

Best regards

Stig Norre

System Consultant
IBM Certified Technical Solutions Expert
http://www.at400.dk