Hibernation and KeePass security

  • sors

    sors - 2014-03-24

    Let's say I leave KeePass open (minimized to tray), while I put the system in hibernation. I don't use the "lock workspace" feature in KeePass, but there's a Windows password after waking up.

    I read this from the FAQ: "By default, KeePass keeps in-memory passwords encrypted, therefore it does not matter if Windows caches the process to disk at some time. So, your passwords are pretty safe anyway."

    I'm not a programmer, but doesn't the database need to be decrypted in RAM somehow for KeePass to work?
    Basically I'd like to know if perhaps it's easy to retrieve the database/passwords from a hibernated system on a drive.

  • Paul

    Paul - 2014-03-24

    After a database is opened all data is stored in memory, but, by default, KeePass encrypts the passwords in memory using a self generated key. Reading the hibernation file will reveal some KeePass information but not the passwords.

    If you want to restrict more information you can encrypt other data in memory - View > Configure Columns. Even better is to set KeePass to lock the database when the computer is about to be suspended - Tools > Options > Security.

    cheers, Paul


Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks