Kdbx windows

10/22/2023

KeePass 2.x is available in CMF, so you can install it like any other software with the CMF "add/remove package" icon. Please select the appropriate box in the webpage and click on "Save".

Run KeePass, then select "File" -> "New"; the message box below will appear. READ IT CAREFULLY!

- Store your database on a cloud service like CERNBOX; your database will then be accessible from any other device running the same cloud service with a compatible KeePass client (this includes your laptop, iPhone, or Android tablet, for example).
- Store it locally if you consider that you will only ever use your local machine to access it.
- Store it on a USB key to always keep your precious secrets with you.

No matter which option you choose, be sure to always keep a backup of your database!

What kind of Composite Master Key to choose?

When creating the Composite Master Key (i.e. the key that will be used to decipher your database), you will be offered three possibilities:

The first possibility is to use only a Master Password to decipher the database. It's the easiest solution, and can be considered secure if the Master Password is strong enough.

KeePass uses a custom password derivation process which includes multiple iterations of symmetric encryption with a random key (which then serves as salt), as explained there. The default number of iterations is 6000, so that's 12000 AES invocations for processing one password (encryption is done on a 256-bit value and AES uses 128-bit blocks, so there must be at least two AES invocations for each round). With a recent quad-core PC (those with the spiffy AES instructions), you should be able to test about 32000 potential passwords per second.

With ten random characters chosen uniformly among the hundred-or-so characters which can be typed on a keyboard, there are 10^20 potential passwords, and brute force will, on average, try half of them. You're in for 10^20*0.5/32000 seconds, also known as 50 million years. But with two PCs that's only 25 million years.

This assumes that the password derivation process is not flawed in some way. In "custom password derivation process", the "custom" is a scary word. Also, the number of iterations is configurable (6000 is only the default value).
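The derivation and the cost estimate described above, as an added Go sketch (not KeePass's code and not part of the original post). It follows only what the text states; the SHA-256 steps before and after the AES rounds, the function names, the sample password and seeds, and the linear scaling of the guess rate with the round count are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/sha256"
	"fmt"
	"math"
)

// transformKey encrypts a 256-bit value `rounds` times with AES keyed by a
// 256-bit seed. AES blocks are 128 bits, so every round costs two AES calls.
// Assumption: SHA-256 maps the password to the 256-bit starting value and
// hashes the final state into the key.
func transformKey(password string, seed [32]byte, rounds int) ([32]byte, int, error) {
	block, err := aes.NewCipher(seed[:]) // seed is the AES-256 key and acts as salt
	if err != nil {
		return [32]byte{}, 0, err
	}
	state := sha256.Sum256([]byte(password))
	aesCalls := 0
	for i := 0; i < rounds; i++ {
		block.Encrypt(state[:16], state[:16]) // left 128-bit half, in place
		block.Encrypt(state[16:], state[16:]) // right 128-bit half, in place
		aesCalls += 2
	}
	return sha256.Sum256(state[:]), aesCalls, nil
}

// bruteForceYears is the average search time for a uniformly random password.
// It scales the text's figure of 32000 guesses per second at 6000 rounds
// linearly with the round count (assumption: the AES rounds dominate the cost).
func bruteForceYears(charset, length float64, rounds int) float64 {
	guessesPerSec := 32000.0 * 6000.0 / float64(rounds)
	seconds := math.Pow(charset, length) * 0.5 / guessesPerSec
	return seconds / (365.25 * 24 * 3600)
}

func main() {
	seedA, seedB := [32]byte{1}, [32]byte{2} // constructed seeds; real ones are random
	keyA, calls, _ := transformKey("constructed-password", seedA, 6000)
	keyB, _, _ := transformKey("constructed-password", seedB, 6000)
	fmt.Printf("AES invocations per guess: %d\n", calls)
	fmt.Printf("same password, different seed, same key: %v\n", keyA == keyB)
	for _, r := range []int{6000, 600000} {
		fmt.Printf("%6d rounds: %.1f million years\n", r, bruteForceYears(100, 10, r)/1e6)
	}
}
```

Because the seed keys every AES call, a table of results computed for one database is useless against another; raising the round count multiplies the attacker's cost per guess by the same factor as the legitimate user's unlock time.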