The keyfile is more something you have (though it might be copied by adversaries), and a password is something you know. Keyfiles are typically stronger than master passwords, because the key can be a lot more complicated; however, it's also harder to keep them secret. The keyfile for KeePass is just another kind of passphrase, as it is stated in the KeePass documentation:

A key file is basically a master password in a file. So am I getting this completely wrong and is the keyfile in fact more secure? Or is it more of a thing where some people prefer sticking a USB stick in their PC instead of typing a password?

And lastly, since you can use both, is there any point to having both a keyfile and master password if I am unwilling to plug the USB stick in and out (thus leaving the keyfile on the hard drive (or letting the USB stick stay connected 24/7))? Or would that render it nothing more than a little security through obscurity? Only a one-time password could protect against that. And if it takes over a lifespan to brute-force the complex password, it's not that meaningful that the keyfile has a longer and more complex password, right?

And if the system is compromised it doesn't really matter either way. But it isn't (meaningfully) more secure than just having a password, right? Remembering a single complex password is quite possible. So only if you use a USB stick it's secure-ish. The PC is yours and the database is on it, and the key is on a USB stick: secure as long as your system is not compromised. The database and key are on one system: basically an open door. But I am not sure how it really helps security that much. KeePass has the option for a master password and key file (and Windows login).