Is the encrypted password database file safe? I mean is keepass a good manager to use?

as safe as it gets considering what password you use

The best apart from pen and paper.

It's one of the safest, much better than the LastPass botnet. If you're really paranoid about security you can use KeePassX.

>Is the encrypted password database file safe?

That depends on you and how good of a pass you use. If you're a moran who set the pass to Mycat1234, then no.

>I mean is keepass a good manager to use?

Yes, it's very convenient.

Yes and yes. You still have to set a good master password like mentioned, and you have to keep the machine you use it on clean and malware-free. But you have to do that with any password manager.

Also back up your database file.

How does it work? Do you need to copy & paste?

You create an encrypted database and enter account via the UI, which you associate with a new generated password. Copy and paste the generated password to change the account

Ohh so it's all copy & paste? Not bad I guess. Does it store shit on the cloud?

Keepass does not. At all. It's just a file that lives on your hard drive, wherever you see fit to put it.

This is a selling point since it means you don't have to trust a cloud service with the keys to your castle.

Best way is to use keepassx in combination with syncthing to sync your database to all your devices (end to end encrypted). Works with android but the android keepass client kinda sucks.

Syncthing is an open source p2p sync program that lets you sync folders to folders on other computers with end to end encryption so no servers store your shit.

You can copy and paste but it makes it very easy, and you can also press ctrl + v on your entry and it will type in user and password in the last tab you had open. You can also create a macro or script or something to make it work on more stuff i think

No but you can upload the database to the "cloud" if you want. I have mine uploaded to my Google Drive because I need to access my database file on my smartphone. Doing this isn't recommended though

Why Google Drive of all places? Mega seems better.

Convenience really. I trust Google over MEGA (in the sense that their security is better)

It's not like they are going to break through your network, get remote access to your PC, and then break into your Keepass database. You'd have to be specifically targeted for that to happen or be retarded enough to get infected by some nasty shit that gives them total remote access and they happen to notice you have a keepass database.

Just don't use fucking lastpass or other online password databases, that's pants on head retarded and all the lastpass users just got burned because of it. There's an android app for Keepass, so install that and use it when needed.

there's no need to "break" into the database
it can be snooped out as soon as he opens it to use it

>meme manager

If they're on your computer snooping your clipboard or keypresses or analyzing your memory, you're already fucked so hard it doesn't even matter if you use keepass or not.

yeah it's alright.

been using pass now, but keepass is alright, which may or may not change after the audit the yuros are doing

Can't argue with that!

this. People on Sup Forums disparaging password managers don't even understand the point of them.

The point of keepass isn't to 'NSA proof' your system, it exists so that you can use a unique strong password for each account you have, so that your passwords are resistant to brute force, and also in the event of a phishing attack or other sort of account hack, your other accounts won't be compromised because they each have a unique password.

LOL I just found out the hard way that Windows KeePass 1.x databases can't be imported/viewed with KeePass X

so I locked myself out of my windows user and couldn't open the database from my Ubuntu. Ended up using a neighbor's Windows machine with portable KeePass 1.x

my advice - just use KeePassX

JUST

You couldn't download KeePass 1.x on your Ubuntu machine?

not the brightest are we?

Why not follow the Unix philosophy with pass?
passwordstore.org/

If you don't mind having mono this could also have been fixed with KeePass's mono version, which is in the Debian/Ubuntu/Fedora/SUSE/Arch/etc repos.

Personally I am using KeePassX at work and Pass (passwordstore.org) privately. So far I prefer Pass, but if you don't have experience with gpg KeePass(X) is the better option.

My KeePass is shared using Google Drive, my personal one is in a private git repo on Google Cloud. Both e-mail addresses are hosted on Google (Business) anyway because I've been too lazy to set up my own servers and don't know yet which companies I can trust.

You can upload the database anywhere if you have your keys offline for it + password.

Because i want a GUI

Pass has a cross-platform GUI named QtPass. So far it works very well for me.

I'm already using Keepassx and don't feel like switching

Then don't. Both KeePass and Pass work well.

really makes you think

Why don't you just copy the file from your desktop to your phone, locally? Once you've set up the db you won't be changing or adding a lot of passwords constantly.

idk just cause

...

i'm amazed that no one has brought up TCATO: keepass.info/help/v2/autotype_obfuscation.html

or the plugins which make keepass a lot more secure imo, such as using the twofish algorithm for the database and using keyfiles in addition to a very long strong password. using keefox if you use firefox to prevent the unnecessary use of either the clipboard or simulated keypresses if using the auto-type function. i've been using keepass for a few months now and i'm loving it so far, keepassx just seems far too stripped down for my liking. it reduces way too much functionality to make it not that much more secure

TL;DR

What I currently use is KeePassX-http + PassIFox. It replaces the Firefox built-in password manager with KeePass. It communicates over AES. Any idea how this compares to TCATO?

programming is crazy

>communicates over AES
that's not a means of communication. it's a type of encryption. just like twofish but far more common and probably already highly vulnerable to government sponsored attacks.

keefox is what you should be comparing to PassIFox. it automatically populates your login fields and gives you an option of which login to use for that site (assuming the same domain name is used in the keepass entry). keefox uses a local server on your machine to send the information with some sort of encryption i think. i honestly should know more about it. but i trust it. it's served me well for a while now

Used the wrong words, sorry.
I think Keefox is basically the same as KeePassX-http+PassIFox. I still have doubts about both.

Does Keefox work on Mac and Linux? KeePassX-http+PassIFox does.

it works on any platform that firefox and keepass are supported on because it runs using two (i think) keepass plugins and a firefox addon

I use keepass 2 and access my passwords through a file on my one drive

I'll have to try that later this week.
KeePassX is native while KeePass is mono, so I have the interface for KeePass isn't too bad.
Thanks.

yeah i use dropbox. although i should be using a veracrypt container really

not sure what you mean by those terms. give it a go though, it's seamless and pretty secure for me

KeePassX works natively on Mac/Linux.
KeePass requires mono (Mono is an open source implementation of Microsoft's .NET Framework). You can probably guess why I have doubts a Microsoft framework would play nice with Mac/Linux.

please tell me you're not using mac

No mobile app.

ah ok. well it's worth a try to see if you prefer it and find it more useful. it's kind of a saviour for me

For work. The company I work at wants me to be familiar with either Windows or Mac and don't care much yet for Linux workstations.

Mac has the BSD/GNU tools I am familiar with (newer versions available through a package manager).

How is Mycat1234 a bad password?

Yes, idk since its not open sores.

I made my own program that does virtually the same thing that keepass advertises. I limit myself to NaCl encryption options tho

lol

you need to have a symbol
Mycat!1234

lies, there is password store on f-droid

and if you are using that other OS, don't bother replying to me, i'll just ignore you

ouch. dat frostbite

Meanwhile, at Google HQ.

you could do that but setup a key file that is only kept locally and never uploaded.

somewhat of a 2FA, provided the adversary isn't motivated enough to get into that db one way or another.