wellread1

Noted.

You are posting to a 5-year old (stale) thread. The reasons for the design decision to leave some fields unencrypted has already been adequately described by the developer in https://sourceforge.net/p/keepass/discussion/329220/thread/8d194356af/?limit=25#1ebb above. These reasons are mostly unrelated to performance. Since these reasons haven't changed, it is unlikely that fields in KeePass that don't currently support in-memory protection will support it in the foreseeable future.

You are posting to a 5-year old (stale) thread. The reasons for the design decision to leave some fields unencrypted has already been adequately described by the developer in https://sourceforge.net/p/keepass/discussion/329220/thread/8d194356af/?limit=25#1ebb above. These reasons are mostly unrelated to performance. Since these reasons haven't changed, it is unlikely that fields that don't currently support encryption in KeePass will support encryption in the foreseeable future.

You are posting to a 5-year old (stale) thread. The reasons for the design decision to leave some fields unencrypted has already been adequately described by the developer in https://sourceforge.net/p/keepass/discussion/329220/thread/8d194356af/?limit=25#1ebb above. These reasons are mostly unrelated to performance. Since these reasons haven't changed, fields that don't currently support encryption in KeePass won't support encryption in the foreseeable future.

You are posting to a 5-year old (stale) thread. The reasons the design decision to leave some fields unencrypted has already been adequately described by the developer in https://sourceforge.net/p/keepass/discussion/329220/thread/8d194356af/?limit=25#1ebb above. These reasons are mostly unrelated to performance. Since these reasons haven't changed, fields that don't currently support encryption in KeePass won't support encryption in the foreseeable future.

If you are worried about a malicious actor changing the database master key uncheck Change Master Key - No Key Repeat in Tools>Options…>Policy. If this option is unchecked the malicious actor would need the current database master key to change the database master key. The option can't be defeated without first closing the KeePass instance, with the result that the attacker is locked out of the database.

If you are worried about a malicious actor changing the database master key uncheck Change Master Key - No Key Repeat in Tools>Options…>Policy. The malicious actor would need the current database master key to change it. The option can't be defeated without first closing the KeePass instance, with the result that the attacker is locked out of the database.

See the final paragraph of my post. KeePass provides some help to mitigate accidental exposure of data in an active database, but ultimately it is your responsibility to control access to your device. If a malicous actor gains access to your device you have a serious problem see https://keepass.info/help/base/security.html#secspecattacks.