Hard\Thumb-Drive Serial Number Locking List as 3rd Auth
Method
Add the ability for a list of approved Hard\Thumb-Drive
serial numbers that must be present on the system
before opening the database.
For example the user could have a list of Drive serial
numbers presented to them for a selection of drive
serial numbers that must be present in order to open
the database.
Users would be further encouraged to add at least one
portable drive device like a thumb drive so they could
open the database on other computers and/or add other
computers drives once the database is open.
This feature of using a hard and/or thumb-drive serial
number could be in addition to using a KeyFile or a
substitution for it.
The added security benefit would be that an attacker
would then have to also figure out a victim’s hard
drive serial numbers and spoof them as well on a
different system. This with a KeyFile and Master
Password would add three levels of security onto
Keepass database access.
Logged In: YES
user_id=556887
It appears to me that there would be no significant security
benefit of this feature. The problem is that the list
itself would not be secure. It would probably live in
KeePass.ini, for example. The attacker could simply change
the list to anything he wanted.
Bill Rubin
Logged In: NO
Make it part of the password key string?
Logged In: YES
user_id=781477
I see this as a third option and/or replacement to the
keyfile .
So it would not reside in a ini file but rather be part of
the password string.
Logged In: YES
user_id=556887
My last comment understated the problem with this proposal.
The basic idea of the proposal seems to be for KeePass to
check that one of the listed drive serial numbers is
actually present before opening the database. But an
attacker could easily bypass this check with his own version
of KeePass, which it would take very little skill to create.
Bill Rubin
Logged In: NO
That's a great Idea, it should also load a database file
automatically upon insertion of a thumb drive containing
said file.
Logged In: YES
user_id=1529246
Even if this feature could be securly implemented, what
happens when the hard drive whose serial number you selected
as needing to be present to open the DB fails? With a key
file, backups can be maintained to prevent locking yourself
out of your DB in the case of a media failure. The majority
of users would not be able to figure out how to spoof their
hard drive serial number (assuming they have a clue what it
is) so that they can get into and modify their DB to use a
new serial number. Using multiple SNs would limit this
problem but it wouldn't prevent it.
If this feature is implemented, thought needs to be giving
to how to recover from a media failure case.