Help save net neutrality! Learn more.
Close

#1171 Rules for password generator are vulnerable

KeePass_2.x
closed
nobody
None
5
2013-10-17
2013-10-17
No

In KeePass 2 the patterns for custom passwords are stored outside the database. This makes them vulnerable to changes without the users knowledge, possibly weakening future passwords. I think the rules for password generation should be stored inside the database. Knowing the rules to build a password may weaken the password's strength also. Having the rules in the database makes the KeePass database more "portable"

Discussion

  • Dominik Reichl

    Dominik Reichl - 2013-10-17
    • status: open --> closed
     

Log in to post a comment.