What stops someone from modifying keepass source code to make a version that "bypasses" the encryption or password checks? Is there some kind of one-way encryption that prevents the master password from being extracted from the database file? I guess the answer's yes - but how does it work?
Question 2: This program is so useful I'm probably going to donate something. Are there any similar commercial products? What do they sell for?
I don't understand. http://keepass.sourceforge.net/infosec.php; ask concrete questions.
As the database is encrypted, you need to use the password to access anything in it. If I was feeling malicious, I could add some extra routines to collect the passwords once the database was open and mail them to myself. The trouble is, how would I persuade you to use my version of Keepass?
>The trouble is, how would I persuade you to use
>my version of Keepass?
Sure. I was wondering about the situation where someone compiles their own version of keepass, and uses it to access a database file they have acquired from somewhere illegally or runs it on someone's machine they happen to have access to.
Just to clarify a bit more ... I was thinking that because Keepass asks for the password when you open a database, it must verify that password somehow - which could mean the password is stored in the database somewhere, and since all the source code is distributed, the location of that password could be discovered and somehow decoded. But I guess the password just allows the data in the database to be decoded and if the decoding doesn't produce meaningful information then the password is rejected with the password itself not actually being stored in the database.
Since I don't know much about encryption, my concern was that makng all the source code available was a security risk.
Anyway, I wonder how hard it is for someone to upload their own malicious version of Keepass to one of the sourceforge mirrors. Or they could put it on any website of their choosing. If the source wasn't available it would be much harder to produce a fully functional malicious password manager that people would want to use.
Actually, the fact that it IS open source makes it more secure.
Would you want to trust your banking info with software that doesn't allow you to see the source and simply take their word for it? OR, would you rather be able to view the source and make sure there isn't any malicious coding and be able to make sure that the encryption is indeed being implemented correctly?
Choice is yours.
And to answer your question... as long as you use a secure password, there is no way anyone can open your database...
You are worried that someone can make a version of keypass that will open a keypass database without asking for a password. This is not possible. In order to decrypt the database, the password must be supplied... I am almost 100% sure of this but someone correct me if I'm wrong.
^^Just to add to what I worte above,
If you forget the password to your database, you are screwed! Not even the person who made keypass will be able to decrypt your database.
And what that means is, there is no way for someone to open your database without the password. So just make a secure password and you are A-OK.
Log in to post a comment.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.