passphrase no longer accepted after updating to 2017.1

Bela Baboso's Avatar

Bela Baboso

13 Oct, 2017 09:30 AM


I guess it's an often discussed problem for you guys and you're probably tired of the people not understanding that it might be a problem you're not able to fix. Before I decided to write here I did my research (as well as I could) looking for a solution somewhere on the internet, without pestering the customer service with an often asked and often answered question.

so here comes my problem: It seems that I have forgotten my passphrase for my GPG Keychain. GPG Keychain used to work fine, for the last year for me and I was aware of the fact, that I'm the only person responsible for my PGP Key, and if I lost it or deleted it, there wouldn't be a way of restoring it (which I found to be the whole point of GPG). Anyways in the last year, I was never asked for my passphrase, while I was decrypting text with my Key. But since about two weeks, whenever I was about to log into my email or tried to decrypt some text a message would pop up, asking me to enter my passphrase.
Now since a couple of years, I've always used a similar password for all kind of things (with slight variations, due to obvious reasons), and since I learned from my mistakes in the past I quit using completely new passwords, which I would forget eventually if I wouldn't use them on a daily basis. So I'm quite sure, that I would have used a variation of my password for the passphrase for my Keychain as well. Unless GPG wouldn't allow me to use all the characters which I usually use for my passwords and would have made me chose some new password.. So first I wanted to ask, if there are any characters or symbols that useres of GPG arent allowed to use in their passphrase? this would help me in working out, what variation of my password i might have used and to make an estimate, of how much time I would have to give myself in figuring out my password again by myself, or if I should give up now, instead of wasting more time.

the second question is: I still have an OpenPGP Exported ASCII Key saved on my computer. Does this help in any way?

the third question: it seems that the only solution after forgetting your passphrase is to revoke your key. which made me wonder, what use it is to revoke a key which I forgot my passphrase for? it might be due to me being not a native english speaker, and thus not knowing the proper meaning of revoking... but for me it sounds, as if I would just delete my Key this way which wouldn't help me at all with my problem, that I would still need the Key to log into a website, which includes a PGP authentication. or do i misunderstand the meaning of revoking a key?

the last question: does it to you guys look like that I'll be unable to log in to the before mentioned website, where i normally used my PGP key?

What did you expect instead

I kind of expected instead a way to help me remember my passphrase. I would have hoped to have an option, to enter clues about my passphrase, since it seems to me to be a passphrase which you dont use that regularly and is prone to be forgotten. it would have been nice to have more attempts to enter your passphrase than only 3 times. since it takes me mostly a few attempts to figure out which variations of passwords i have used for a certain site, and you dont describe what will happen after you entered the passphrase wrongly 3 times... which isn't helpfull at all.

Describe steps leading to the problem.

me forgetting the password, which i supect was chosen not properly.

Are you using any other plugins?

not that i'm aware of..

  1. Support Staff 1 Posted by Steve on 13 Oct, 2017 10:10 AM

    Steve's Avatar

    Hi Bela,

    welcome to the GPGTools support platform. Sorry you are having problems using GPG Suite.

    the pinentry requests you are seeing are happening due to the migration from MacGPG 2.0.x to 2.2.0.

    Please visit the following KB-article and let me know if that brings you back to the expected state.

    Keys are revoked and the revoked version uploaded to the key servers mainly to share that information with others. So if your friends update your key from the key server they will see it has been revoked. And since messages cannot be encrypted with revoked keys that also prevents from you receiving messages encrypted with a key you are no longer intending or even unable to use.


  2. 2 Posted by Bela Baboso on 13 Oct, 2017 11:04 AM

    Bela Baboso's Avatar

    hey steve,

    you're a hero. worked like a charm.
    thanks for your help


  3. Support Staff 3 Posted by Steve on 13 Oct, 2017 11:07 AM

    Steve's Avatar

    Hah, not so much a hero :3

    But really glad, this is solved for you. I'm closing this discussion. Should you need further assistance or have questions you can re-open this discussion here or open a new one any time.

    Best, steve

  4. Steve closed this discussion on 13 Oct, 2017 11:07 AM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac