Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Where would you recommend me to store the Keepass-file?
Where would you recommend me to store the Keepass-file?
dear friends, hello dear experts in this community.
Where would you recommend me to store the Keepass-file? This questions keeps to be a very important question to me. Well - for most of the use-cases usually i have all my personal documents in my cloud account.
The pro: i can access it from everywhere in the world. With any device.
But besides that i am not so sure if this is safe. Especially if it comes to such things like keepass: Some friends mentioned that it is not so safe:
Question; would it be safe to use the cloud for the keepass-file? Can i secure it even further, by adding another (extra) layer of security by encrypting the file.
the generalized question is this: How safe is it to store the keepass-file in the (wrong place) like in the cloud? What risks do I need to know about?
What can I do with the KeePass password file, there are several arguments to decide where to store it.
if the passwords are really, really important to someone, one should make the decision based on:
- the risk of the file being hacked - what can we do if we consider to get hacked
- what if someone may compromise the file
- is it preferable that the DB file not get in the wild,
- there may be more and other risks - which one do you take into consideration"?
What should i do - what can be done with the passwd.
can I secure it even further, by adding another extra layer of security by encrypting the file i am going to store in cloud storage online.
look forward to hear from you
yours say
Where would you recommend me to store the Keepass-file? This questions keeps to be a very important question to me. Well - for most of the use-cases usually i have all my personal documents in my cloud account.
The pro: i can access it from everywhere in the world. With any device.
But besides that i am not so sure if this is safe. Especially if it comes to such things like keepass: Some friends mentioned that it is not so safe:
Question; would it be safe to use the cloud for the keepass-file? Can i secure it even further, by adding another (extra) layer of security by encrypting the file.
the generalized question is this: How safe is it to store the keepass-file in the (wrong place) like in the cloud? What risks do I need to know about?
What can I do with the KeePass password file, there are several arguments to decide where to store it.
if the passwords are really, really important to someone, one should make the decision based on:
- the risk of the file being hacked - what can we do if we consider to get hacked
- what if someone may compromise the file
- is it preferable that the DB file not get in the wild,
- there may be more and other risks - which one do you take into consideration"?
What should i do - what can be done with the passwd.
can I secure it even further, by adding another extra layer of security by encrypting the file i am going to store in cloud storage online.
look forward to hear from you
yours say
-
- Posts: 14
- Joined: 2018-05-03 14:46
- Been thanked: 1 time
Re: Where would you recommend me to store the Keepass-file?
I use a strong master password on the file. I make the local permissions limited to my account -- no access to group or other accounts. I transfer the file, when needed, via a local server and I don't leave a copy on the local server. A USB drive would work as well, perhaps better, depending on your usage.
I don't keep the app or data on my phone.
I used to use LastPass but I dropped that not for security concerns but for business model concerns. I anticipated loss of free service at some future point.
I don't keep the app or data on my phone.
I used to use LastPass but I dropped that not for security concerns but for business model concerns. I anticipated loss of free service at some future point.
-
- Posts: 6
- Joined: 2020-09-04 16:49
Re: Where would you recommend me to store the Keepass-file?
ghjghjfjhfhj
Last edited by Castle_Age on 2023-08-11 15:15, edited 1 time in total.
DELETED ACCOUNT
Re: Where would you recommend me to store the Keepass-file?
makes sense to encrypt it if you must store it online.say_hello wrote:can I secure it even further, by adding another extra layer of security by encrypting the file i am going to store in cloud storage online.
Code: Select all
gpg -c --passphrase-file unlock --pinentry-mode loopback yourfile
Re: Where would you recommend me to store the Keepass-file?
KeePass encrypts the data file on your machine. I've had mine stored on Dropbox for years, without issues. Use a strong password, and you don't need to worry about others having access to it. If they want to use a few years of supercomputing power to crack it, it's possible, but that's unlikely. KeePass and its derivatives - KeePassX (mostly unsupported now) and KeePassXC (the best choice IMO) do all encrypting and decrypting locally. The database is never exposed off the local machine in plaintext. It's the same security as GnuPG, but more convenient and user-friendly.
Take my advice, I'm not using it.
-
- Posts: 932
- Joined: 2020-05-03 14:16
- Has thanked: 7 times
- Been thanked: 65 times
Re: Where would you recommend me to store the Keepass-file?
Agreed; as for now, this is the safest way for storing the passwords. However, there is one problem with this approach: safe passwords should be complex and unique - to protect You against dictionary attacks and profiling. It can be hard to remember tens of unique passwords used for various purposes, but there's an easy way to achieve this:Castle_Age wrote:I ended up figuring, really safest place for all this stuff, is your head
Instead of remembering exact passwords, try to create and remember a *method* for generating your passwords, f.e.:
Your name is Django, Your dog's name is Bastard ( ), Your bank is a Bank of Canaries, so the resulting password could be:
BBaasntkaorfdCDajnnaarnigeos
To enter such password, You start with "BastardDjango" and then injecting the letters from the string "BankofCanaries", by skipping every second letter from the "base" password string using cursor keys.
The trick is, that You don't have to store the passwords (f.e. in the cloud) - all You need is to create some clever rule to generate the passwords from strings which are easy to remember for You, within particular context.
Such passwords are 100% invulnerable to dictionary attacks, and when the components are wisely chosen, such passwords are also invulnerable to profiling (i.e. don't use the true name of Your dog )
Bill Gates: "(...) In my case, I went to the garbage cans at the Computer Science Center and I fished out listings of their operating system."
The_full_story and Nothing_have_changed
The_full_story and Nothing_have_changed
Re: Where would you recommend me to store the Keepass-file?
Reusing passwords is a security risk. There is no possibility of my remembering hundreds of passwords for websites, credit card info, notes, and whatnot. I've been using a password safe for a very long time, since the days of the Palm Pilot. A carefully chosen password safe is, IMO, essential these days.
Take my advice, I'm not using it.
Re: Where would you recommend me to store the Keepass-file?
That password is too easy to guess. Much better to reverse it. Nobody would ever guess 654321. For passwords I need to remember, I tend to use words or phrases transliterated from another language, which uses a non-Roman alphabet. The transliteration can be creative if desired. Easy for me to remember, but difficult for a snooper to crack through a dictionary attack. It does require knowing at least a little of another language, though.
Take my advice, I'm not using it.
Re: Where would you recommend me to store the Keepass-file?
so true this should be the new FIPS security standard.sgosnell wrote:Nobody would ever guess 654321.
Re: Where would you recommend me to store the Keepass-file?
I use same passwords for everything.. I learnt around 8 or 10 differentes passwords and always use the same ones... for not important accounts I use one of mines such as 12345 but with some letters.. for others accouts more important , I use one o two more complex with some weird characters intercaled like dots.. and for account banks or sensible main cloud accouts I use two or three long passwords I memorized it... and for others ones i dont need to memorized I use bitwarden password manager... even within bitwaden i try not give much information about the account , the nickname and the password.sgosnell wrote:Reusing passwords is a security risk. There is no possibility of my remembering hundreds of passwords for websites, credit card info, notes, and whatnot. I've been using a password safe for a very long time, since the days of the Palm Pilot. A carefully chosen password safe is, IMO, essential these days.
I had your same dilemma with the keypasses files... in order to store them in the cloud.. , and the answer is in my opinion to use commun sense and stenography security... you can divide/cut your keepass-file in three files just like this.:
cat image1.png MyDecodeKeepassPassword.txt image2.txt > Keepassfile
this way you just store two different image files in cloud ( image1.png and image2.png) and keep in your mind a basic password... (MyDecodeKeepassPassword.txt) , this is perfect secure and very easy to do.. cos, they wont ever know your basic password (as MyDecodeKeepassPassword.txt), and they wont ever know which algortim do you use to compose your keepass.file... So , as you see, it was easier than what you thought
Its important to hace redundant backup clouds of your security keepass-file, cos if you delete them accindetally in the cloud or you lost the cloud account
bester69 wrote:STOP 2030 globalists demons, keep the fight for humanity freedom against NWO...