Password Generation profiles getting lost

Help
2009-08-24
2012-12-13
  • I have a handful of custom generation profiles I save, and every once in a while they end up just disappearing. I've since learned to store any complicated patterns in a notes field, but nonetheless it's annoying to have them disappear repeatedly.

    Running 2.08 currently, but have had this with happen with other 2.x.

    Thanks,
    Shawn

     
    • Paul
      Paul
      2009-08-24

      Password gen profiles are stored in the config file. Maybe your config file is not the one ou were expecting?
      http://keepass.info/help/base/configuration.html

      cheers, Paul

       
    • Aha -- when I updated to 2.08, the global config file got overwritten

      Thanks, Shawn

       
  • Cool16v
    Cool16v
    2012-12-12

    I just started using KeePass 2.20.1. Awesome tool!

    I started out using this tool on my personal laptop.

    I decided to install it on my work pc too and I'm using the same config/key files on an SD card.

    While on my work PC today, I created a few Password Profiles.

    Now that I'm back on my personal PC, those Password Profiles are gone.

    Is this a bug or is there a setting I need to enable?

    Thanks in advance for your help.

    Update: I'm reading the Local Help on the tool and searched "config file" and came across a section where it talks about the config file. I guess I have to do some reading here and find the best strategy as I'll be using the same keypass files (off of the SD card) between my personal and work laptops.

    In any case, if you can offer some advice, I'd appreciate it. Thanks!

     
    Last edit: Cool16v 2012-12-12
  • wellread1
    wellread1
    2012-12-12

    The keepass.config.xml file on the SD card is probably not the config file that KeePass.exe on your PC is using. The active KeePass.config.xml file is kept in one of a few locations determined by your installation settings and the OS. See http://keepass.info/help/base/configuration.html for details. The active keepass.config.xml will have a last modified date corresponding to the last time you exited KeePass.

     
  • wellread1
    wellread1
    2012-12-12

    It is probably easiest to manually recreate the password profiles on your PC installation because the keepass.config.xml file contains installation specific customizations and PATHS. Multiple KeePass installations that are compatible with a common config file are likely to take considerable effort to create and maintain.

    If individually customizing each KeePass installation is not an acceptable solution you can create a KeePass installation on removable media and run KeePass from that everywhere.

     
    Last edit: wellread1 2012-12-12
    • Cool16v
      Cool16v
      2012-12-12

      Thank you wellread1 for the quick response!

      It looks like the problem here is between the chair and the keyboard. :)

      I shoudn't have assumed that that files I had on my SD were "all" I needed between both my home pc and my work pc.

      I may have to go the removable media route as it is probably the most practical solution. Then again, I may want to, as you recommended, maintain separate database files between the two machines.

      Nonetheless, I'll figure out a strategy. Thanks again for your assistance.

       
  • wellread1
    wellread1
    2012-12-12

    The password database file is installation independent so it is not necessary to maintain independent copies (except for backup) unless you don't want to keep it on removable or shared media. However, the keepass.config.xml file does contain installation dependent information.

    In any configuration it is important to protect your passwords by maintaining a current backup of your password database (and key file if used).

     
    • Cool16v
      Cool16v
      2012-12-12

      I'm not sure if you can answer this, but why wouldn't something like the password generation profiles be stored with the database file rather than the config file?

      I wonder of the templates I created are impacted by this too. I'll have to look at it when I get back home.

       
  • wellread1
    wellread1
    2012-12-13

    I can only speculate but if the password generation profiles were kept with the database they would be unavailable to the user when working with other databases. KeePass can manage multiple databases.

    Secondly the password generation profile is not a source of password strength. Therefore it is not an important secret. The variable portion of a password is the primary determinate of password strength. A profile effectively reduces the strength of the set of passwords compared to the set of same length random passwords based on the same character set. General information about password strength and how to estimate password entropy can be found in the Wikipedia article on password strength.

    Password generation profiles should be used sparingly, and with full knowledge of their weakening effect, to accomplish specific objectives such as to improve readability, memorability or to satisfy externally imposed requirements.

     
  • wellread1
    wellread1
    2012-12-13

    I don't know the cause of the large font formatting present in the emailed version of previous post. It was unintentional and is not reflected on the forum page.