The master password provides pretty good security as long as you choose a difficult to brute force password (long and truly random), but it still can't compete with an actual long encryption key. If you want to secure it even further, you can add another layer of security by encrypting the file you store in cloud storage online. In this way, it may even be slightly preferable to having a local copy on a mobile device as someone may compromise the file if you take your eyes off your device even momentarily and it would be much harder to identify that breach occurred. It's certainly preferable that the DB file not get in the wild, but if your security depends on the encrypted file remaining confidential, then you have bigger problems than whether to use cloud storage or not.Ī sufficiently strong master password should prevent brute forcing at least long enough for a breach to be detected and for you to change the passwords within it. KeePass encrypts the DB because the file remaining secure isn't expected to be a guarantee. It is hard to quantify exactly, but if you have the DB on a mobile device then I wouldn't say this is particularly any less secure.
0 kommentar(er)
