That will be because it's not a bug or vulnerability.
KeePass stores passwords encrypted in memory to avoid this possibility. If a user decides to show the passwords and a memory dump occurs there is nothing KeePass can do about this.
This issue has been discussed in multiple places. In order to make it easier to find the latest information, I've now added a section on the Security Issues help page: https://keepass.info/help/kb/sec_issues.html#fdslog
Best regards,
Dominik
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
That will be because it's not a bug or vulnerability.
KeePass stores passwords encrypted in memory to avoid this possibility. If a user decides to show the passwords and a memory dump occurs there is nothing KeePass can do about this.
More details on the KeePass site: https://keepass.info/help/base/security.html#secmemprot
cheers, Paul
This issue has been discussed in multiple places. In order to make it easier to find the latest information, I've now added a section on the Security Issues help page:
https://keepass.info/help/kb/sec_issues.html#fdslog
Best regards,
Dominik
KeePass.config.enforced.xml doesn't like to be taken into account in
C:\Users\User Name\AppData\Local\VirtualStore\Program Files\KeePass Password Safe 2
C:\Users\User Name\AppData\Roaming\KeePass\
But only in C:\Program Files\KeePass Password Safe 2
So every user with admin right can change it.
It will be more complicated in AppData because only the current user and local administrator have right on this folder
Regards