GPG Suite Caching Passphrase in Apple Keychain

Donald Bosart's Avatar

Donald Bosart

07 Jun, 2018 04:58 PM

I was surprised today after updating to 2018.2 yesterday and using it once yesterday afternoon that this morning gpg was not prompting me for my password -- I thought for a moment I had found a very bad bug. After some Googling I found that the preference is now set to cache the passphrase in the Apple Keychain... Preferences>GPG Suite. I don't remember seeing this in the release notes (although admittedly I had skipped the prior update as it only seemed to pertain to 10.13 which I was not running yet).

Just a call out; the default seems a bad idea. At the very least GPG Suite should be more in the user's face about explicitly choosing what they want to do... whether they wish the convenience vs the risk in the event that their laptop is stolen, their weak Mac password is hacked, etc.

  1. Support Staff 1 Posted by Steve on 25 Jun, 2018 06:14 PM

    Steve's Avatar

    Hi Donald,

    welcome to the GPGTools support platform. Excuse the late reply - the last weeks were very busy with the release of GPG Suite 2018.2 and 2018.3.

    You can disable caching or storing in macOS in System Preferences > GPG Suite Preferences. Please see this KB-article on how to manage passwords for your keys.

    Two things about stolen laptops: Two measures should be taken: encrypt the startup disc with FileVault 2 ( And use a strong password for your mac.

    We are still working on a setup wizard and ideally this would be one step in the wizard. So ideally the user would be asked about the option and can make an informed decision which fits their needs.


  2. Steve closed this discussion on 05 Sep, 2018 05:42 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts


? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac