I am wondering if any fields in KeePass are less safe than others?
For example, say I register in a forum and I save my user name and password in their respective fields in KeePass: "User name" and "Password".
However, when I first register with a forum, the admin of those forums might send me an email confirming my registration in the forum, as well as confirming my username and password. I sometimes copy and paste this entire email, in plaintext, into the "Notes" section of that entry in KeePass. That way, if I second-guess myself later, I have the original email on hand to confirm my account information.
Now I am wondering if this is bad practice. Perhaps the "Notes" section of KeePass is not as heavily secured as the proper "Password" field. Or perhaps all fields are equally well-secured.
Any info either way?
When a KeePass database is unlocked, sensitive data such as entry passwords and the master key are stored encrypted in process memory. If this is deemed insufficient, maximum security is achieved by locking the database.
There is always a tradeoff between security and factors such as convenience, usability, and performance. Keep in mind, that given the current state of computer technology, it is usually not possible to use data without exposing it at least temporarily. Hence one should not rely exclusively on KeePass for security; general computer security measures and your usage habits are also an important component of overall security.
The KeePass database is encrypted as a whole, so all information, including Notes, is equally secure. This is not the case once the database is unlocked, as indicated by wellread above.
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.