Alan78673

Hi Andreas. Yes, the original "bug" says that someone could edit the configuration file and cause a silent export. That has been changed with the newest version. There is no silent export in the new version. Every time KeePass wants to export the database the user will receive a popup informing them that an export is being requested and asking for the master key to allow it to continue. Thus the bug has been fixed.

As joint_striker pointed out above, version 2.53.1 appears to more or less resolve this issue by "always asking for the master key when trying to export data". This means that even if your config/enforced config file is edited you'll be prompted that KeePass is trying to export your data and you'll be prompted for your password to allow it. Thank you Dominik!!

Ugh, same for me (23,000 users). I've used KeePass both at work and on my personal devices for years. Today KeePass was uninstalled from my work computer while Security evaluates the issue. My personal devices are secure, I'm the only admin, and I've configured the enforced config file so I feel "relatively" safe. However, if my company implements a different password manager I'll be switching to that one on my personal devices as well just for consistency sake.

Heck, for that matter is it THAT onerous to type the main password before exporting? Let's say I have KeePass running minimized at my desk, get up to go to the bathroom, and forget to lock my workstation. With the option to "export without entering the key" my coworker could slide over to my desk and export my whole database. Why not remove that option altogether? The coworker could still scroll though the database till I got back but couldn't export the whole thing. I understand the fun of making...

I use KeePass on my corporate work computer and only keep work related passwords in the database. But any admin could edit the config file (or the enforced config file), have KeePass export all of my passwords the next time I open it, and then edit the config file back. I would never know my passwords were compromised. This makes KeePass useless for any work/corporate environment.

I have Keepass 2.42.1 and need to be able to send multiple modifiers as part of an autotype string. I.e., I need to send the key combination Ctrl-Alt-L. I know how to use a single modifier such as ^L or %L but combination modifiers like ^%L don't seem to work. Is there a way to send combination modifiers like the last three characters below? {DELAY 500}^v{DELAY 500}^%L

Ha, never mind. The upgrade put the autotype hotkey back to the default Ctrl-Alt-A....

I upgraded from 2.28 to 2.29 and webautotype no longer works. I still have all of...