Currently, my kdbx files are encrypted with AES256 / Rijndael and key transformation is AES-KDF with 60000 iterations (default settings, I believe). To protect against dictionary attacks, I understand key derivation is used. Now I had this random thought: how hard would it be to crack the master pwd? But I got somewhat lost in the maths from random calculations; either way, some tools seemed to be rather pretty quick, to my surprise (not sure how reliable this info is, that's why I am here to hear your opinions :-) ). Now, I don't use any automated sync, so what I usually do is, after there are some changes made, I take the DBs, zip them together (password protected too - different password) and upload them to my personal cloud (2-FA, different password too), then manually "sync" on devices as needed (meaning I download the latest iteration of my kdbx files from my personal cloud and overwrite the old ones on the devices). I only use vanilla KeePass, and I open the DBs on 2 devices (Windows computers) - both used only by me. I was re-evaluating the security of my personal and professional assets; obviously my KeePass DBs and their security are very essential to me.