IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [keepass]

KeePass is a free, open source password manager for Windows. It has unofficial ports for Linux, Mac OS X, Android, and iPhone. Passwords are protected with strong encryption keyed with a master password.

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

102 questions
29
votes
3 answers

Is it unsafe to keep multiple versions of a KeePass database?

I keep my KeePass .kdb database in a remote location, and I never overwrite the old versions, I just append the date to the new version which I'm uploading. So it looks like…
Dominykas Mostauskis
  • 499
  • 5
  • 7
18
votes
6 answers

Practical and Secure use of KeePass

Currently I'm using KeePass as my sensitive data manager. I use just a main password to encrypt the database, but it is not very secure: 9 characters, lower letters and numbers mix with no meaning. Something like bwkvu5m8i I want to increase the…
user2247336
  • 183
  • 1
  • 1
  • 4
6
votes
2 answers

Keepass 2.0 file attachment security

I recently found the ability of attaching files to entries in KeePass 2.0: does KeePass just remember the location of files attached to the entry or does it encrypt the attached files inside the KeePass database somehow?
Matt
  • 121
  • 1
  • 8
6
votes
2 answers

Keepass' password protection in memory

Plenty of "passwords in memory" and "keepass" related (old) topics in here, but most of them are about how to harden key protection ; plus it seems protection mechanisms by Keepass have evolved for the last couple of years. In 2021, as KeePass is…
Ozwel
  • 173
  • 9
5
votes
3 answers

Is it safe to leave Keepass always opened on a computer?

I often need to get several passwords from my Keepass during the same day and I find myself having to open it and input the master password every single time, which is awfully laborious. The obvious solution to this problem would be to leave it…
drake035
  • 473
  • 1
  • 4
  • 11
3
votes
1 answer

Is it possible for someone to modify keepass code, recompile and make it available for free download?

I am concerned about the possibility to download a fake keepass upgrade. If possible this would allow many ways to get private data on keepass files! For example, keepass hacked or modified code could send the kbdx file by ftp to a server in China…
user42765
  • 31
  • 1
3
votes
1 answer

Is it not useless to increase iterations in KeePass?

So if increasing the number of iterations makes the computation power needed more in a linear way. Wouldn't that be a small increase compared to even a single more character added to your password? Even assuming you make your iterations take several…
Hormoz
  • 171
  • 4
3
votes
1 answer

Why do KeePass dabases contain a hash of their master password?

Background In the article How to Hack KeePass, the author used keepass2john on a KeePass database to extract a hash of its master password. For the database CrackThis.kdb the extracted hash was (line breaks added by…
Socowi
  • 133
  • 1
  • 6
3
votes
1 answer

Where to save Keepass' file?

Using Keepass since a year ago, been told it's an excellent method to store one's passwords. But what is the best location to save Keepass' file (the file where all password are stored and that you use when reinstalling Windows for example)?
drake035
  • 473
  • 1
  • 4
  • 11
2
votes
2 answers

Confusion about keepass portable and keyfile on an USB-stick

I want to start using keepass to set and get my passwords. To always get access to them I thought about using keepass-portable on an USB-stick. So I would have an USB-stick with a the program keepass-portable, my password-database and my keyfile on…
selmaohneh
  • 123
  • 1
  • 3
2
votes
1 answer

Export a folder from KeepassX

Is it possible to unencrypted export a folder in KeepassX? I would like to share a part of my KeepassX database with a collegue but I have all of the needed passwords in separate entries in KeepassX
rubo77
  • 2,390
  • 10
  • 29
  • 49
2
votes
1 answer

Is KeePass # of rounds relevant if you use a key file as master password?

I used to have my database set to 20.000.000 key transformation rounds and it would be fast enough on my PC but I found it takes too much time on my phones so I went to lower it and couldn't notice this: I use a key file as master password so as…
Freedo
  • 2,273
  • 5
  • 20
  • 29
2
votes
2 answers

Random mouse input vs random keyboard input vs CryptoAPI

I ask this question because it's really starting to annoy me to move my mouse until the " generated bits : 256 " appear every time I want to generate an password on Keepassand I wonder, why software require me to this tedious and completely non…
Freedo
  • 2,273
  • 5
  • 20
  • 29
1
vote
2 answers

How well will the max transformation rounds in Keepassx deter an attacker for the next twenty years?

Keepassx lets you decide how many transformations rounds need to be run in order to unlock your Keepass database. In my version of Keepassx (2.0.3) the max value seems to be 999,999,999. With that setting it takes my laptop about 22 seconds to…
Guildenstern
  • 115
  • 6
1
vote
2 answers

Will using a keyfile option to open a software such as KeePass defeat keyloggers and screen capture software?

I was investigating the security of keyfiles vs passwords and thinking that possibly the keyfile could bypass keyloggers that might be installed on my machine.
Dr. Rat
  • 11
  • 1
1
2