RE: [Passwordsafe-users] decrypting the .dat file
Popular easy-to-use and secure password manager
Brought to you by:
ronys
Menu
▾
▴
RE: [Passwordsafe-users] decrypting the .dat file
|
From: Rony S. <ro...@gm...> - 2004-12-22 17:50:25
|
Hi Arnauld, Short answer: The .dat file cannot be encrypted/decrypted all at once. A workaround would be to export the .dat file to plain text and encrypting/decrypting this with a program/algorithm that is available on your target platform. WARNING: Doing this is potentially VERY unsecure, as the decrypted data may remain on the target machine, even after you've deleted the file. Long answer: There's no need to guess, as the format of the .dat file is fully documented in the files that come with the source code. Briefly, each entry stored as a record of variable length fields. All are encrypted using Blowfish with the same key, but each record has its own salt. Hope this helps. Cheers, Rony > -----Original Message----- > From: pas...@li... > [mailto:pas...@li...] On > Behalf Of Arnaud Sahuguet > Sent: Wednesday, December 22, 2004 5:43 PM > To: pas...@li... > Subject: [Passwordsafe-users] decrypting the .dat file > > > Hi, > > I saw some previous posting on this topic but no conclusion. > > I agree that decrypting the .dat file may create some security issues. > However, since PasswordSafe only runs on a windows platform, what > happens when I am travelling with no Windows box around. > > I would like to be able to decrypt the .dat file from any machine, > from the command line for instance. > > My guess is that the .dat file stores the passwords as ASCII, with AES > or Blowfish encryption, and maybe some salting. I just would like to > know which algorithm to use. > Once again, without the password, the only way to crack the .dat file > is to use brute force or dictionary attack. > > regards, > > Arnaud > |
