Hi, is it possible to auto delete the keyfile, after a configurable setting is set, when the wrong password is inputted, and get an email/notification on which device it was deleted from?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
No. This would require a web hosted password manager or background processes on your PC to to delete the key file and send email.
KeePass is a local app only with not additional background processes.
Why do do think this would be required?
You should use a key file and password, so an attacker must have both to open your database.
What if the attacker stole your database and key file?
cheers, Paul
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I don't see Paul's reply as any of those things. He was trying to advise you that the actions you are attempting to take would do nothing to stop a determined hostile agent from getting to your passwords. You are trying to prevent actions that a true cracker already wouldn't bother taking, because there are easier things to try, and because most crackers don't want your passwords specifically; they just want somebody's passwords. If yours are too hard to get to (as they are when you're using KeePass properly, with or without your extra precautions), they'll just move on to somebody else.
Last edit: T. Bug Reporter 2024-03-01
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi, is it possible to auto delete the keyfile, after a configurable setting is set, when the wrong password is inputted, and get an email/notification on which device it was deleted from?
No. This would require a web hosted password manager or background processes on your PC to to delete the key file and send email.
KeePass is a local app only with not additional background processes.
Why do do think this would be required?
You should use a key file and password, so an attacker must have both to open your database.
What if the attacker stole your database and key file?
cheers, Paul
I already use both. I was just wondering if this were possible.
If I had access to your device I would not attempt to open your database. I would copy the database and any key files and take them away to crack.
cheers, Paul
Wow, totally unhelpful reply. Please be more helpful, instead of being insulting, and rude.
I don't see Paul's reply as any of those things. He was trying to advise you that the actions you are attempting to take would do nothing to stop a determined hostile agent from getting to your passwords. You are trying to prevent actions that a true cracker already wouldn't bother taking, because there are easier things to try, and because most crackers don't want your passwords specifically; they just want somebody's passwords. If yours are too hard to get to (as they are when you're using KeePass properly, with or without your extra precautions), they'll just move on to somebody else.
Last edit: T. Bug Reporter 2024-03-01
See also: https://keepass.info/help/kb/faq.html#clisrvsec
Best regards,
Dominik