I downloaded KeePass Password Safe and I find it a very helpful tool in keeping together my passwords safely and not having to remember them by heart all the time. However, I have a suggestion on what happens after 3 failed attempts to log in to a database file using the Master password. Is it not possible to change the code so that the database gets locked after 3 failed attempts and to unlock it there should be some security questions? I believe this is worth a security feature; otherwise a person can keep guessing the Master password an unlimited number of times and with luck break into the database.
I think you might be operating under a misnomer.
The act of "logging in" is really the act of taking the encrypted file and decrypting it into memory.
So long as changes (updates/deletes/inserts) are not made, the original .kdbx file remains on disk unchanged. There is nothing saying the disk has to be a writeable device.
The .kdbx file could be on a read-only device such as a locked USB device or DVD.
The .kdbx could also be a copy of the original. The point being there is no real way to guarantee that after x attempts the .kdbx file can be changed so something special needs to occur to unlock it. Another reason why one can't guarantee something special needs to occur is that the encryption routines for KeePass are open source.
This means that the Windows KeePass program is not the only front end that can decrypt a .kdbx.
We can use our .kdbx on things such as smartphones or Linux boxes because other vendors have taken the time to write front ends for those machines. If Windows KeePass changes its front end to do something special after x failures, that doesn't mean all other vendors must make a similar change.
Because of all of the above I think it comes down to whether you buy into the premise that a .kdbx is securely encrypted. If you do, then you need to trust that fact. That said, what we can do is make it so that even if a hacker is given an unlimited number of attempts it would take them multiple lifetimes to stumble upon the decryption key.
A long, complex master key is a great start to that goal.
So is increasing the required transformation rounds (File/Database Settings/Security); this would reduce the number of guesses a hacker could execute per unit of time.
For example, let's say you increase the required transformation rounds so high that it takes your hardware a full second to do those calculations to decrypt the file.
That one second delay will not dramatically impact your ability to use KeePass. But a hacker on similar hardware would be limited to just 60 guesses a minute.
If a hacker can do a few million guesses a second then they might enjoy success in eventually decrypting your file in their lifetime, but at just 60 guesses a minute it simply won't happen.
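The arithmetic in this post (one second per unlock, so 60 guesses a minute) can be worked through concretely. The example below is added here and is not KeePass's code; it uses PBKDF2-HMAC-SHA256 from the Python standard library as a stand-in for KeePass's key transformation (an assumption: KeePass 2.x actually uses AES-KDF or Argon2, but both share the property that cost scales with the round count), with a constructed salt and a constructed weak "PIN" password to show that a slow transformation is what limits an offline guesser, not an attempt counter in the front end.

```python
import hashlib
import hmac
import time

# Constructed sample salt; not taken from any real database.
SALT = bytes.fromhex("00112233445566778899aabbccddeeff")


def transform_key(master_password: str, salt: bytes, rounds: int) -> bytes:
    """Stand-in for KeePass key transformation (assumption: PBKDF2 instead of AES-KDF).
    What matters for this thread is that cost grows linearly with `rounds`."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"), salt, rounds, dklen=32)


def seconds_per_guess(rounds: int, salt: bytes = SALT, samples: int = 3) -> float:
    """Measure how long one unlock attempt takes on this hardware (best of N)."""
    best = float("inf")
    for _ in range(samples):
        start = time.perf_counter()
        transform_key("calibration-password", salt, rounds)
        best = min(best, time.perf_counter() - start)
    return best


def rounds_for_delay(target_seconds: float, salt: bytes = SALT, probe_rounds: int = 20_000) -> int:
    """Pick a round count so that one unlock takes roughly target_seconds here.
    This mirrors the 'one full second' calibration suggested in the post."""
    per_round = seconds_per_guess(probe_rounds, salt) / probe_rounds
    return max(1, int(target_seconds / per_round))


def guesses_per_minute(seconds_per_attempt: float) -> float:
    return 60.0 / seconds_per_attempt


def expected_seconds_to_guess(keyspace: int, seconds_per_attempt: float) -> float:
    """Average time to hit a uniformly chosen password: half the keyspace."""
    return keyspace / 2 * seconds_per_attempt


def attempts_until_match(stored_key: bytes, candidates, salt: bytes, rounds: int) -> int:
    """Count how many candidates an offline guesser must try before the derived
    key matches. Nothing locks the file: the guesser is only slowed by `rounds`."""
    for n, candidate in enumerate(candidates, start=1):
        if hmac.compare_digest(transform_key(candidate, salt, rounds), stored_key):
            return n
    return -1


if __name__ == "__main__":
    rounds = rounds_for_delay(1.0)
    secs = seconds_per_guess(rounds)
    print(f"{rounds} rounds -> {secs:.2f} s per guess, {guesses_per_minute(secs):.0f} guesses/min")
    # Eight lowercase letters at this rate: expected time in years.
    print(f"8 lowercase letters: ~{expected_seconds_to_guess(26**8, secs) / 31_536_000:.0f} years")
    # A constructed 4-digit PIN at a low round count falls quickly regardless of any attempt limit.
    stored = transform_key("0042", SALT, 1_000)
    pins = (f"{i:04d}" for i in range(10_000))
    print("PIN found after", attempts_until_match(stored, pins, SALT, 1_000), "attempts")
```

The measured round count will differ from machine to machine, which is exactly the point of the post: the delay is tuned to the defender's hardware, and an attacker with similar hardware inherits the same per-guess cost.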
There is no point in asking additional questions after 3 attempts, unless your password is hopelessly weak.
If a hacker wants to break your database they will not use KeePass to attempt to open the file; they will use their own code, possibly based on the KeePass source code.
I'm new to open source software and how it operates, but both the response from develop1 and Paul make a lot of sense. What I had in mind was the way online bank accounts operate. After 3 attempts or a number of attempts, if a wrong Master password has been entered the file should lock up and require more security questions. I was thinking in terms of having a KeePass file on my smartphone as well as my laptop because I have so many different passwords and I'm not very good at keeping them in my head. However, a few weeks ago my smartphone was snatched away from me and had important passwords stored on it, so that is why I'm conscious of the security of a KeePass file if stored on my smartphone.
While on the subject of the Master password, I'm not sure why there has to be a Key File and what it does. I have just used a Master password on my KeePass database and I think it will suffice for me.
To answer your question on key files.
Authentication is the act of proving you are who you claim.
Historically the basic tools of authentication are:
- something you know
- something you have
- something you are
Whoever owns the system being accessed sets the rules as to what they require one does to prove you are who you claim to be. Generally the rules being set means using at least one of the above, but it could be any two or all three.
In terms of KeePass:
- a passphrase is the "something you know"
- a key file is the "something you have"
- a Windows user account is the "something you are"
You can change the rules as to what is required to decrypt your .kdbx file at any time.
You can mix/match any permutation of the above three things.
Using two or more concepts raises the bar of what must be hurdled to authenticate, but comes at the price of the hassles of needing to do those things.
I think most people find a strong passphrase by itself yields security with exceptional ease of use, while others feel the hassles of both a key file and a passphrase worth it.
I think most find using a Windows user account as part of the required mix the least desirable, since unless you are very technical and take the proper steps in advance of a crash, should your PC crash it is likely you will never be able to open your .kdbx again.
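To make the "mix and match" part of this post concrete, here is an added example (not KeePass's own code) of how the three key sources can be combined into a single composite key. It is modelled on the composite-key construction KeePass documents for .kdbx files, but simplified and stated here as an assumption: each provided source becomes a 32-byte component, the components are concatenated in a fixed order, and the result is hashed with SHA-256. The key-file contents, password and "user account secret" below are all constructed sample values; the last one stands in for the per-user secret that the Windows user account option protects. The `can_unlock` check shows the failure mode the post warns about: lose any one enrolled component and the key cannot be rebuilt.

```python
import hashlib
import hmac
from typing import Optional


def keyfile_component(data: bytes) -> bytes:
    """Turn key-file contents into a 32-byte component.
    Assumed rules, simplified from what KeePass documents for key files:
    exactly 32 bytes are used raw; 64 hex characters are decoded; anything
    else is hashed with SHA-256."""
    if len(data) == 32:
        return data
    if len(data) == 64:
        try:
            return bytes.fromhex(data.decode("ascii"))
        except (UnicodeDecodeError, ValueError):
            pass  # not hex: fall through to hashing
    return hashlib.sha256(data).digest()


def composite_key(password: Optional[str] = None,
                  keyfile: Optional[bytes] = None,
                  user_account_secret: Optional[bytes] = None) -> bytes:
    """Combine whichever sources are enrolled into one key. The order of the
    components is fixed, so the same sources always give the same key."""
    parts = []
    if password is not None:                       # something you know
        parts.append(hashlib.sha256(password.encode("utf-8")).digest())
    if keyfile is not None:                        # something you have
        parts.append(keyfile_component(keyfile))
    if user_account_secret is not None:            # something you are (tied to the account)
        parts.append(hashlib.sha256(user_account_secret).digest())
    if not parts:
        raise ValueError("at least one key source is required")
    return hashlib.sha256(b"".join(parts)).digest()


def can_unlock(enrolled_key: bytes, **provided) -> bool:
    """True only if the provided sources rebuild exactly the enrolled key."""
    try:
        return hmac.compare_digest(composite_key(**provided), enrolled_key)
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs.
    pw = "correct horse battery staple"
    kf = bytes(range(32))                 # a constructed 32-byte key file
    acct = b"constructed-user-account-secret"

    pw_only = composite_key(password=pw)
    pw_and_kf = composite_key(password=pw, keyfile=kf)
    all_three = composite_key(password=pw, keyfile=kf, user_account_secret=acct)
    print("password only    :", pw_only.hex())
    print("password+keyfile :", pw_and_kf.hex())
    print("all three        :", all_three.hex())
    # The post's warning: after a PC crash the account secret is gone, so the
    # database enrolled with all three sources cannot be opened any more.
    print("unlock without account secret:", can_unlock(all_three, password=pw, keyfile=kf))
```

Every additional source raises the bar for an attacker who has the file, but it also adds one more thing that must survive intact on the user's side, which is the trade-off the post describes.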
So far I have been happy to use the master password only and I don't intend to use the key file, but I get your point that using 2 or more concepts to decrypt my .kdbx file seems more secure. It is a wonderful tool for storing passwords.
I use KeePass2Android on my tablet as it has a quick unlock, which saves lots of time attempting to enter my master password on the tablet keypad. You only get one attempt to "quick unlock" the database before you are required to re-enter the master password.