Does it make sense to encrypt LockAfter(Global)Time values in process memory?

A lightweight and easy-to-use password manager

Brought to you by: dreichl

Does it make sense to encrypt LockAfter(Global)Time values in process memory?

Forum: Open Discussion

Creator: sf1n4e1

Created: 4 days ago

Updated: 4 days ago

sf1n4e1 - 4 days ago

I think this question is primarily addressed to Dominik, and it is also closely related to the situation raised earlier in the link below:

https://sourceforge.net/p/keepass/discussion/329220/thread/fc2fc4fae2/#0607/196c/797a/9cac/c239/6a4b/8580

If I am concerned about the LockAfter(Global)Time uint values being modified in process memory (Memory Patching) to prevent a database from being locked, is it advisable to encrypt them in memory?

How critical will the overhead of cyclically encoding/decoding such values be?

Last edit: sf1n4e1 4 days ago

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Dominik Reichl - 4 days ago

You are assuming that a malware is specialized for KeePass and has the rights to read and modify the process memory of KeePass. In this case, it's over; KeePass cannot defend itself in such a situation.

Best regards,
Dominik

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.