Changing, adding or removing a key file in the database security page without touching the password section removes the password.
Note that the inverse is not true: Changing, adding or removing a password does NOT remove the key file.
Steps to Reproduce
Create a new database for testing with a password configured
In the database security page add a new key file
Click OK at the bottom of the page, an alert about no password being set is shown
Click continue without a password
Lock the database
Attempt to unlock the database with password+keyfile - doesn't work
Attempt to unlock the database with keyfile and no password - works
Expected Behavior
I expected one of the following:
The existing database password should've been kept with no alert about no password being set, or
A prompt to enter the existing database password should've appeared, which would only accept the existing database password
In either of the cases listed above, I expected the database to unlock with a combination of the existing password and the new keyfile, but not with the new keyfile and no password
Actual Behavior
An alert about no password being set appears despite me not touching the password section
The existing database password is removed
Context
I remember that in previous versions of KeePassXC the database password was kept when changing the database keyfile.
I do not remember what exact version that was.
KeePassXC - Version 2.7.9
Revision: 8f6dd13
Qt 5.15.14
Debugging mode is disabled.
Operating system: Arch Linux
CPU architecture: x86_64
Kernel: linux 6.9.6-zen1-1-zen
Enabled extensions:
Auto-Type
Browser Integration
Passkeys
SSH Agent
KeeShare
YubiKey
Secret Service Integration
Cryptographic libraries:
Botan 3.4.0
Operating System: Linux
Desktop Env: KDE 6.1
Windowing System: Wayland
Overview
Changing, adding or removing a key file in the database security page without touching the password section removes the password. Note that the inverse is not true: Changing, adding or removing a password does NOT remove the key file.
Steps to Reproduce
Expected Behavior
I expected one of the following:
In either of the cases listed above, I expected the database to unlock with a combination of the existing password and the new keyfile, but not with the new keyfile and no password
Actual Behavior
Context
I remember that in previous versions of KeePassXC the database password was kept when changing the database keyfile. I do not remember what exact version that was.
KeePassXC - Version 2.7.9 Revision: 8f6dd13
Qt 5.15.14 Debugging mode is disabled.
Operating system: Arch Linux CPU architecture: x86_64 Kernel: linux 6.9.6-zen1-1-zen
Enabled extensions:
Cryptographic libraries:
Operating System: Linux Desktop Env: KDE 6.1 Windowing System: Wayland