The KeePass wikipedia page only says that AES or TwoFish can be used as cyphers. This means that an information leak exists: the attacker could see when accounts were added or removed, by looking at the difference between files (assuming the order of the passwords remains the same).
For example, lets say it does not use randomized encryption. KeePass encrypts the passwords, but has some cryptographically weak way of storing the passwords. This could lead to the passwords up to that version being compromised, while deleting the older ones would have no effect. There was a vulnerability in an earlier version of KeePass, which was since patched, but that stored data in an insecure way. What could cause your approach to be less secure? Here are some hypothetical possibilities (that could become real in the future): To illustrate some cases, let us assume an attacker gets hold of all these files, rather than just one (i.e., the most recent one). There is a few reasons why it could be a problem. It's probably fine, but make sure to regularly delete really old files.
0 kommentar(er)
