After adopting a variation of the Gentoo policy for managing OpenPGP (GnuPG) keys I now feel confident enough to use OpenPGP to save sensitive passwords in the cloud. Gentoo’s GLEP 63 policy takes the guesswork out of key management and provides some best practices valuable when encrypting sensitive information.

Although saving sensitive passwords in the cloud may seem a foolish endeavor the alternative is to keep passwords on the sneakernet and risk losing them. Given the abundance of thumb drives and their general multi-purpose use one might, for example, accidentally erase their only backup. Not to mention saving data on any physical medium carries the risk the physical media becomes corrupted.