I've used KeePass for a while now, but have recently become more security conscious. I have, up until this point, kept my password reset answers (and questions) in the notes field of each password. Since most normal answers could be guessed by friends and family, I use the KeePass password generator to generate answers using similar criteria to the password itself.
If I am correct and the notes field is not protected in memory, I think that would allow someone to circumvent the password altogether. Is this the case? Should I move all of the password reset answers into their own custom fields?
Thank you.
Notes are not protected in memory by default.
A malicious user would need to perform a memory dump and then extract the relevant details to be able to reset your password. A much easier method, used by most keyloggers, is to collect the details from the browser.
If you leave your machine unattended, lock KeePass.
If you think your machine is compromised, do not connect to any externally accessible site.
cheers, Paul
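The distinction Paul draws above is per-field: in a KeePass 2.x database each entry string (Password by default, plus any custom field with "Protect in memory" ticked) carries its own protection flag, while the Notes field is unprotected unless the database's memory-protection defaults say otherwise. The script below is an added example, not KeePass code, that audits a constructed XML fragment shaped like KeePass's 2.x XML export and lists, for every entry, the non-empty fields that lack the flag, so reset answers kept in Notes show up for moving into a protected custom field. The attribute names `ProtectInMemory` (plaintext export) and `Protected` (inner KDBX XML) and the sample entries are assumptions for the example.

```python
"""Audit which KeePass entry fields carry the in-memory protection flag.

Added example (not KeePass's own code). Parses XML shaped like a KeePass 2.x
XML export and reports, per entry, the non-empty fields that are NOT flagged
for in-memory protection, so secrets parked in Notes can be reviewed.
"""
import xml.etree.ElementTree as ET

# Constructed sample in the shape of a KeePass 2.x XML export. Not a real
# database; values and titles are made up for the example.
SAMPLE_XML = """<KeePassFile>
  <Meta>
    <MemoryProtection>
      <ProtectTitle>False</ProtectTitle>
      <ProtectUserName>False</ProtectUserName>
      <ProtectPassword>True</ProtectPassword>
      <ProtectURL>False</ProtectURL>
      <ProtectNotes>False</ProtectNotes>
    </MemoryProtection>
  </Meta>
  <Root>
    <Group>
      <Name>Example</Name>
      <Entry>
        <String><Key>Title</Key><Value>bank-example</Value></String>
        <String><Key>UserName</Key><Value>alice</Value></String>
        <String><Key>Password</Key><Value ProtectInMemory="True">p4ss</Value></String>
        <String><Key>Notes</Key><Value>Q: first pet? A: x7Ke9Lq2</Value></String>
      </Entry>
      <Entry>
        <String><Key>Title</Key><Value>mail-example</Value></String>
        <String><Key>Password</Key><Value ProtectInMemory="True">hunter2</Value></String>
        <String><Key>Notes</Key><Value></Value></String>
        <String><Key>Reset: first pet</Key><Value ProtectInMemory="True">Zq8vR1mN</Value></String>
      </Entry>
    </Group>
  </Root>
</KeePassFile>
"""

# Assumption: the plaintext export marks protected values with
# ProtectInMemory="True"; the inner XML of a .kdbx uses Protected="True".
PROTECT_ATTRS = ("ProtectInMemory", "Protected")

# Fields that are normally unprotected and not secrets; skipped in findings.
NON_SECRET_FIELDS = {"Title", "UserName", "URL"}


def is_protected(value_el):
    """True if the <Value> element carries a protection flag."""
    return any(value_el.get(attr, "").lower() == "true" for attr in PROTECT_ATTRS)


def default_protection(root):
    """Database-wide defaults from <Meta><MemoryProtection>, e.g. {'Notes': False}."""
    mp = root.find("Meta/MemoryProtection")
    if mp is None:
        return {}
    return {child.tag[len("Protect"):]: (child.text or "").lower() == "true"
            for child in mp}


def audit(xml_text):
    """Return defaults plus, per entry, the non-empty fields lacking protection."""
    root = ET.fromstring(xml_text)
    entries = []
    for entry in root.iter("Entry"):
        fields = {}
        for s in entry.findall("String"):
            key = s.findtext("Key", "")
            value_el = s.find("Value")
            text = (value_el.text or "") if value_el is not None else ""
            protected = value_el is not None and is_protected(value_el)
            fields[key] = (text, protected)
        title = fields.get("Title", ("", False))[0]
        unprotected = sorted(
            key for key, (text, protected) in fields.items()
            if text and not protected and key not in NON_SECRET_FIELDS
        )
        entries.append({"title": title, "unprotected_nonempty": unprotected})
    return {"defaults": default_protection(root), "entries": entries}


if __name__ == "__main__":
    report = audit(SAMPLE_XML)
    print("defaults:", report["defaults"])
    for e in report["entries"]:
        print(f"{e['title']}: unprotected non-empty fields -> {e['unprotected_nonempty']}")
```

Run against the constructed sample, the first entry is reported with `Notes` unprotected (the reset answer lives there), while the second entry, whose answer sits in a custom field flagged for protection, reports nothing. The script only inspects the flag; it does not decrypt or copy the values, which is why it works on the export structure alone.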
1. Would the in-memory protection work on notes similarly to the other fields if I enabled asterisks in the columns and never searched the field?
2. Would it be possible for the keylogger to collect the details from the browser while using the auto-type dual-channel obfuscation?
I don't believe my machine has been compromised, but I'm under the impression that keyloggers can be difficult to detect and I'm trying to take precautions.
Thank you again.
1. Yes, I think.
2. Yes, definitely. The loggers target the browser directly, not the entry into the browser field.
cheers, Paul