I'd like to deploy KeePass throughout my organization. I'm configuring the *.enforced.xml file and my settings are working perfectly.
However, I'd like to keep my corporate security folks happy and require the end users to change their master key periodically. I know the user can set the flag themselves, but by default it's not on. I'd like it to default to "on" when a new database is created. I can then turn off that portion of the GUI and thus prevent them from turning it off.
I've scoured the net and looked through the source code but from what I can tell it's not an option in the .xml configuration file. Am I correct?
I've scoured the net and looked through the source code but from what I can tell it's not an option in the .xml configuration file. Am I correct?
You are correct. All settings in "Database settings..." are stored in the individual databases, not in the configuration file.
I'd like it to default to "on" when a new database is created. I can then turn off that portion of the GUI and thus prevent them from turning it off.
There is no policy to turn off the portion of the GUI (e.g. Database Settings...) that allows users to change the "Force changing the key (days)" setting.
An end-user can easily bypass an enforced configuration by opening the database in a copy of KeePass that is not bound by it. Consequently, enforced configuration policy should be treated as an advisory policy, not a rigorous security policy.
The need to change a master password, or any password, is out of concern that even a strong master password may be compromised at some point, and that over time the probability that such a compromise has occurred increases. The real advantage of KeePass is that it eliminates most of the problems that lead users to adopt the unsafe practices that increase the risk of compromise over time. Because a strong master password is only one password, it can be remembered, not stored insecurely or shared. Additionally, it provides convenient, secure management for multiple strong, individual, unshared passwords that don't have to be remembered.
Using heavy-handed methods that FORCE users to adopt inconvenient practices may actually backfire. For example, an aggressive master password change policy may encourage users to write down the master password, or to investigate ways to bypass the enforced configuration.
In conclusion, I don't see a reliable way to accomplish precisely what you desire. However, you can specify the minimum estimated quality and length of the Master Password in the keepass.config.enforced.xml.
It would be useful to have this as a settable parameter in "Minimum Properties of Master Keys".
http://keepass.info/help/base/keys.html#pwmin
You could add a feature request.
cheers, Paul
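For readers who want to see what the minimum-master-password setting from the linked help page looks like in practice, here is an illustrative enforced configuration file. It is an added example, not a file posted in this thread or shipped by the KeePass project; the element path Security/MasterPassword/MinimumLength and MinimumQuality follows the help page, while the values 16 and 80 are constructed sample values chosen for the example, not a recommendation made anywhere in the thread.

```xml
<?xml version="1.0" encoding="utf-8"?>
<!-- Illustrative KeePass.config.enforced.xml, placed in the KeePass application directory.
     Settings here override the user's own KeePass.config.xml for that installation.
     The element names follow the KeePass help page on minimum master key properties;
     the numeric values are constructed example values, not thread recommendations. -->
<Configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <Security>
    <MasterPassword>
      <!-- Minimum number of characters a new master password must have (example value) -->
      <MinimumLength>16</MinimumLength>
      <!-- Minimum estimated quality, in bits, as computed by KeePass's own
           quality estimator when a master password is set (example value) -->
      <MinimumQuality>80</MinimumQuality>
    </MasterPassword>
  </Security>
</Configuration>
```

Two caveats worth keeping in mind when deploying this. First, as the earlier reply points out, these limits bind only the KeePass installation that reads the enforced file; a database opened with an unmanaged copy of KeePass is not subject to them, so treat the file as a guardrail rather than a control you can audit against. Second, the file governs master-password creation and change dialogs only; the "Force changing the key (days)" interval asked about in the original post lives inside each .kdbx database and is not settable here.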
Thanks, I will add that as a feature request. That would be an awesome feature for enterprises.