Jump to content

Where to store a Keepass password file? - which risks do you consider !?


dil_bert

Recommended Posts

Where to store a Keepass password file?

Where would you recommend me to store a Keepass file?
Usually I have my personal documents in my cloud account - but i am not sure if this is safe. Would it be safe to use the cloud for this file?

But what can i  do with the KeePass password file, there are several arguments to decide where to store it.
In my humble opinion, if the passwords are really, really important to someone, one should make the decision based on:

- The risk of the file being hacked - what can we do if we consider to get hacked
- The risk of losing the file because of having a bad hdd - what do you do if you face disk errors. And sure thing -. there are more things to think

- there may be more and other risks - which one do you take into consideration"?

summary:  above all - some final considerations: well - i find it hard to tell you what is the best location. I personally think that it depends on several circumstances:

What would you do - where do you store your keepass- password file!?

Link to comment
Share on other sites

  • 3 weeks later...

 What would you do - where do you store your keepass- password file!? Where do  you store the KeePass-DB? Where would you recommend me to store a Keepass-file? Usually I have my personal documents in my cloud account - but i am not sure if this is safe. Would it be safe to use the cloud for this file? Can i secure it even further, by adding another (extra) layer of security by encrypting the file.

General question; How safe is this? What risks do I need to know about?

what can i do with the KeePass password file, there are several arguments to decide where to store it.
In my humble opinion, if the passwords are really, really important to someone, one should make the decision based on:

- the risk of the file being hacked - what can we do if we consider to get hacked
- the risk of losing the file because of having a bad hdd - what do you do if you face disk errors. And sure thing -. there are more things to think
- what if someone may compromise the file
- is it preferable that the DB file not get in the wild,
- there may be more and other risks - which one do you take into consideration"?
- what if my cloud storage account is getting compromised then having the credentials recovered by either brute force or some other attack vector.


What if someone may compromise the file?
- Options; can i secure it even further, by adding another layer of security by encrypting the file i am going to store in cloud storage online.
- regarding the master password: master password provides pretty good security as long as i choose a difficult to brute force password (long and truly random),
- on the other handside - a masterpassword still can't compete with an actual long encryption key.
- we can increase the resiliency of the KeePass database to brute force by increasing the number of PBKDF2 iterations
- we can  do this in KeePass under File > Database settings > Security: Personally, I use around 10,000,000 rounds (2 s delay).


well -- as mentioned above; I use the KeePass-cloud combination. The password database is encrypted using a key derived from a strong master password.
Even if somebody acquires the encrypted password database through the cloud account, a strong enough master password renders brute-force attacks infeasible.

what can i do with the KeePass password file, which of the arguments do you take into consideration - to decide where to store it.

 

Link to comment
Share on other sites

I use a commercial solution now mainly because I was never happy with the OSX options for Keepass once I started using a Macbook as my workstation.

With that said, I stored the file in a shared dropbox folder, but really any cloud file storage service will work.

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.