Menu

#1704 Include WUA in "Remember key sources..." option

KeePass_2.x
closed
nobody
None
5
2013-02-27
2013-02-26
wellread1
No

Please expand the meaning of the "Remember key sources (key file paths, provider names,...)" to include the Windows User Account check box state. This option is a convenience option, and the security penalty for remembering the check box state is only 1 bit.

Discussion

  • Dominik Reichl

    Dominik Reichl - 2013-02-27
    • status: open --> closed
     

  • Dominik Reichl

    Dominik Reichl - 2013-02-27

    Good idea! I've implemented it.

    In my opinion, this isn't really a security penalty (not even 1 bit). It's like with key files (where the key file contents need to be kept secret, not the file's location): the user account key data needs to be kept secret, not the information whether or not the user account is used. It's rather easy anyway to find out whether it's used or not (e.g. by inspecting the last access time of the 'ProtectedUserKey.bin' file).

    Here's the latest development snapshot for testing:
    http://keepass.info/filepool/KeePass_130227b.zip

    Thanks and best regards,
    Dominik

     

  • wellread1

    wellread1 - 2013-02-27

    Thanks for pointing out the security is unaffected because WUA linkage can be inferred by inspection of the ProtectUserKey.bin file time stamp.

    The development snapshot works great and makes using my autoopen database more convenient.

     

Log in to post a comment.