When using Windows Account as key, make it auto-checked
The current behavior is that when you are using Windows Account as key, you will have to check it manually when entering the master password. My suggestion is that, when a user uses his Windows Account as key, is to make it auto-checked by default. The reason is the main function of set Windows Account as key, is to prevent others from opening your database to their computer. Since it's impossible for them to clone your Windows Account, having it auto-checked by default will not reduce your security, besides, you will still have to enter your password.
I actually filed a ticket for this, and just want to post it in the discussion forums.
You can have KeePass automatically check the Windows account tick box when opening a database by adding the "Check user account." flag to the <KeyPromptFlags> in the KeePass.config.xml. See: http://keepass.info/help/base/keys.html#pwmin. This would change the behavior for all databases.
I can not think of why the composition of the master password would need to be stored with the actual database other than to implement this feature, and that would have the side effect of providing potentially useful information to a cracker, so the above option might be the best one can do.
I didn't know that one. I must have overlook it when learning to use Keepass. Thanks for the info!.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.