Collaborate Disseminate
I recently saw this new attack on KeePass (see here and the source code). I don’t know how to use this attack (I’m a newbie to these things), so I want to know:
How can this attack be used?
What does this mean for personal … Continue reading Attacking KeePass
I have an encrypted external hard drive that I want to use as a portable security center.
One of the things I want to do is setup a portable offline password keeper that can run entirely from the external drive. KeePass has… Continue reading Portable offline password manager
I have an encrypted external hard drive that I want to use as a portable security center.
One of the things I want to do is setup a portable offline password keeper that can run entirely from the external drive. KeePass has… Continue reading Portable offline password manager
I use KeePass to store my passwords and it works great. From time to time, I create users in the network and I need to send them their initial password, which I generate through KeePass.
I usually send their passwords through email in a 7… Continue reading How to securely send passwords using KeePass
Recently I have been working on a little project. I have been able to crack my keePass .kdbx file by running a simple brute force attack with the KeePass Cracker and a custom made word list.
This is to easy. Lets say I didn’… Continue reading Alternatives to bruteforce KeePass Cracker
Recently I have been working on a little project. I have been able to crack my keePass .kdbx file by running a simple brute force attack with the KeePass Cracker and a custom made word list.
This is to easy. Lets say I didn’… Continue reading Alternatives to bruteforce KeePass Cracker
Recently I have been working on a little project. I have been able to crack my keePass .kdbx file by running a simple brute force attack with the KeePass Cracker and a custom made word list.
This is to easy. Lets say I didn’… Continue reading Alternatives to bruteforce KeePass Cracker
Recently I have been working on a little project. I have been able to crack my keePass .kdbx file by running a simple brute force attack with the KeePass Cracker and a custom made word list.
This is to easy. Lets say I didn’… Continue reading Alternatives to bruteforce KeePass Cracker
How secure is KeePass in addition with a Yubikey with OATH-HOTP?
I read in Yubikey with KeePass using challenge-response vs OATH-HOTP that with OATH-HOTP there isn´t added a real second factor.
But what I don´t understand is that without the plugin and only with the master password I can´t open the database. The only way I see is to open the database with the “recovery” key.
So I think with OATH-HOTP you can use longer password (master password + OTPs) because you have to memorize a shorter master password. Thereby the security is increased if you use a long “recovery” key for OATH-HOTP.
Is that right?
How secure is KeePass in addition with a Yubikey with OATH-HOTP?
I read in Yubikey with KeePass using challenge-response vs OATH-HOTP that with OATH-HOTP there isn´t added a real second factor.
But what I don´t understand is that without the plugin and only with the master password I can´t open the database. The only way I see is to open the database with the “recovery” key.
So I think with OATH-HOTP you can use longer password (master password + OTPs) because you have to memorize a shorter master password. Thereby the security is increased if you use a long “recovery” key for OATH-HOTP.
Is that right?