gpg4win kleopatra doesn't ask for passphrase on subsequent runs

Question

Am using gpg4win kleopatra for encrypting files. After bootup when I try to decrypt a previously encrypted file, it asks for a passphrase as expected. But after some time, if again I try decrypting a file it doesn't ask for passphrase and directly decrypts it. I don't what the gpg agent to remember my passphrase.

How to change this setting?

I checked the following check boxes:

Do not use pin caching while signing
Disallow the use of external password cache.

Even after selecting the above checkboxes it asked for passphrase once. But immediately after that, it decrypted without prompting for a passphrase.

I checked the existing post link below, but that explains only for Linux. Doesn't talk about the Windows gpg agent.

See also: https://security.stackexchange.com/a/103037/95810 – Hex Sep 18 '17 at 10:10 — Hex, Sep 18 '17 at 10:10

score 11 · Answer 1 · answered May 08 '18 at 07:16

11

This is controlled by the following setting:

Kleopatra Settings > GnuPG System > GPG Agent > Expire cached PINs after N seconds

Set it to 0 to make the cached password forgotten immediately.

answered May 08 '18 at 07:16

Maxim V.

111
1
4

score 4 · Answer 2 · answered Apr 03 '22 at 11:33

The settings have moved. Now it's under:

"GnuPG System" -> Private Keys -> "Expire cached PINs after N Seconds" and "Set maximum PIN cache lifetime to N seconds".

Or you can write it directly to the config in %APPDATA%/gpg-agent.conf

default-cache-ttl 72000
max-cache-ttl 72000

source: https://dev.gnupg.org/T4449

gpg4win kleopatra doesn't ask for passphrase on subsequent runs

2 Answers2