Won't it become more or a target in the cloud? Can information be intercepted if i sync with KeePass databases in the cloud? Thx
A KeePass database is decrypted on the computer running KeePass. As a consequence neither the Master Key or unencrypted data traverses the internet. KeePass database file encryption is independent of any cloud service. An attacker that gains access to a cloud account that contains a KeePass database is still faced with the difficult problem of decrypting the database. In any particular environment, a user may wish adjust the strength of the database Master Key based on their perceived the risk of losing control of the password database.
to add on to wellread1's advice brute force attack is further thwarted by adding transformation rounds to the encryption (see: file/database_settings/security).
A one second delay is normally not an issue to our daily use of keepass but a one second delay to a brute force attack neuter's its effectiveness.
I personally have no issues with my .kdbx my cloud account.
if you want to make extra sure use the password + key file as well
But don't put the keyfile in the cloud, too.
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.