12/13/2023 0 Comments Keeweb android storeBut it would seem that on my Android, I now only have 1 line of defence to my passwords, which is the database master password itself, as it doesn’t need the vault to be unlocked and decrypted to access the file. On my Windows and Linux devices, if the vault is locked, KeePass can’t access the database file, which makes sense and is desired behaviour. However, I started to notice that KeePass2Android could still access this file even when the vault was locked. I couldn’t find this location by searching my files on the device, but no big deal. KeePass2Android then displays the filepath to the selected database on the login screen:Ĭontent:///decrypted/filename.ext Eventually I realised that by clicking on the KeePass database file, from within the Cryptomator app, I got the option to open that file with KeePass2Android, and everything went ok from there. I was expecting a virtual folder on my internal storage, a bit like Linux, but couldn’t find one. I was able to point Cryptomator at my local vault on my phone no trouble, But struggled to find a way to actually access the files outside of the app. this way I always have access to my passwords locally, but still encrypted, and whenever I make changes to the database, those changes will be sync’d across all my devices. This vault is then sync’d across my devices with Syncthing. My use case is that I have one particular vault which holds my KeePassXC database. At least then it is your device, not someone else’s, so you have an idea of which crappy software is installed, which updates are missing etc.I use Cryptomator across my devices and Operating systems. When on the go, better sync your keepass file to your smartphone and use e.g. This is similar with keepass, but again, keeweb is for the use case where this is not your system! Moreover, keepass for windows offers a “secure desktop” where you enter your master password which cannot be accessed by (off-the-shelf) keyloggers, keeweb doesn’t). – the system you use (for example keyloggers can sniff your master password. – the browser you use (especially, keeweb is made for the use case when you are not at your own pc, so this is the browser of someone else, with a bunch of extensions installed and probably outdated). you need to trust the CA-system… or use cert-pinning) – the network connection between your system and the server (man-in-the-middle might replace keeweb with an infected version), or properly setup SSL (i.e. If keeweb is on dropbox, then you need to trust them. – the server that keeweb is stored on (an attacker might replace keeweb with some infected version on the server). If you use keeweb, you additionally need to trust: You need to trust your end devices anyway, as they are the place were you decrypt you keepass database. This means you only need to trust your end devices, not the server. You can secure your keepass file with a key-file that you don’t put into the cloud, making it really really hard for someone to brute-force if he gets access to your cloud storage. The good thing about keepass is that you can sync your passwords across devices through some cloud service like dropbox or owncloud without the need to trust the cloud service. Now You: Would you use a service like KeeWeb? The author promises that the app contains no statistics or analytics scripts or advertisement. Since it is open source, you can audit the code to make sure of that. The remote version of KeeWeb makes no external requests, uses only locally stored data and makes only one network connection to check for updates which users can disable in the app settings. KeeWeb is something that I will keep an eye on definitely to see if creating your own self-hosted version of the application improves or is made clearer on the project website so that anyone with a Dropbox account but no knowledge of scripting or programming languages or Dropbox application creation can set it up on their own. I have no need for that, and won't use a service hosted by a third-party to open my KeePass database either.Ī self-hosted web version of KeePass on the other hand, that is open source, and easy to set up, should have appeal to users of the application. The desktop applications are cross-platform which may have some appeal to users of KeePass.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |