I tried to change the name and type of the database file, to say, "user_manual.pdf", so that it's not obvious that it's a keepass database.
But after that, keepass refuses to open the database (I use of cause the same keyfile and Master key password).
Is it possible? and if so, what's the procedure to do it?
Thanks in advance,
Zi
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
KeePass doesn't care what the file extension is, see the attached screenshot. What is the error message?
I don't recommend obfuscating the database name. A strong database master key is more than sufficient to protect your database file. Obfuscating the database name is far more likely to cause your problems than hinder a malicious attack. Besides, an attacker can easily identify a KeePass database by other means. So can KeePass using the 'Normal' search in File>Open>Find Files....
There is no difference. The database name IS the filename.
In Windows simply rename the database file to anything you like. It can be located anywhere where you have read/write access to. Go to KeePass and open the file using the file open menu item.
The database file does NOT need to have the kbdx file extension - it is just that having the kbdx file extension makes it easier to find the file from within KeePass and for KeePass to be opened by finding the file and then double clicking it.
I personally don't believe that renaming the file will add any realistic additional security in practice. It will just make it more difficult for you to use but it is your choice.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Yes, you can rename your KeePass database file(s), but most of the regulars here see it as being more trouble than it's worth. (I am perhaps the only regular contributor here that does not share this opinion.)
There are also other things that could be made available to users to simplify or enhance obfuscation, but the KeePass author considers the whole topic to be unworthy of any effort on his part.
Hello,
I tried to change the name and type of the database file, to say, "user_manual.pdf", so that it's not obvious that it's a keepass database.
But after that, keepass refuses to open the database (I use of cause the same keyfile and Master key password).
Is it possible? and if so, what's the procedure to do it?
Thanks in advance,
Zi
KeePass doesn't care what the file extension is, see the attached screenshot. What is the error message?
I don't recommend obfuscating the database name. A strong database master key is more than sufficient to protect your database file. Obfuscating the database name is far more likely to cause your problems than hinder a malicious attack. Besides, an attacker can easily identify a KeePass database by other means. So can KeePass using the 'Normal' search in
File>Open>Find Files....Thanks for your advice.
Create a new Database.
Then open that database.
Then, File>Database Settings>(change name here).
It seems that there we can change the database name, not the database file name.
Thanks anyway!
There is no difference. The database name IS the filename.
In Windows simply rename the database file to anything you like. It can be located anywhere where you have read/write access to. Go to KeePass and open the file using the file open menu item.
The database file does NOT need to have the kbdx file extension - it is just that having the kbdx file extension makes it easier to find the file from within KeePass and for KeePass to be opened by finding the file and then double clicking it.
I personally don't believe that renaming the file will add any realistic additional security in practice. It will just make it more difficult for you to use but it is your choice.
Ok, I'll keep the extension.
Thanks.
As already mentioned both the database filename and the database name can be changed.
Encryption provides strong protection. Obfuscation provides weak protection at best. For KeePass obfuscation is a pointless waste of time and effort.
Last edit: wellread1 2023-05-31
Clear. Thanks very much!
I'll have to disagree here. btw I'm actually work in the cyber-security industry so I probably know a thing or two about cyber attacks
Many tools simply enumerate for .kdbx files, changing filename could have obfuscate your database location
Needless to say that KeePass by default will keep track of your database location in the config file
So that can be extracted from there
Yes, you can rename your KeePass database file(s), but most of the regulars here see it as being more trouble than it's worth. (I am perhaps the only regular contributor here that does not share this opinion.)
There are also other things that could be made available to users to simplify or enhance obfuscation, but the KeePass author considers the whole topic to be unworthy of any effort on his part.
(See also the "dead horse" thread.)