onSec-fr / Keepass-Enhanced-Security-Configuration

Make your keepass 2.x more secure.

Why recommend 1.x over 2.x ? #2

Closed lucaswitvoet closed 2 months ago

lucaswitvoet commented 1 year ago

I'm interested why you recommend using 1.x and not 2.x.

Some features of 2.x seem to improve the security of the database, such as the TOTP ways to log into your vault and the presence of Argon2. I could of course understand that you consider fewer features = fewer possible vulnerabilities, or that if there have been no vulnerabilities for all those years it means that it should be more secure.

I was just curious about it. 🙂

lucaswitvoet commented 1 year ago

P.S.: I'm a French speaker, if you prefer to reply to me in French 😅

onSec-fr commented 1 year ago

Hello,

That's a good question.

Everyone will have their own opinion, but indeed keepass 1.x has seen fewer vulnerabilities because it doesn't include certain dangerous features. On the other hand, it essentially loses Secure Desktop as a security mechanism.

As for TOTP, the problem is that this requires the activation of plugins, which are an attack vector. I prefer to use a key (file) in addition to the master password to have 2fa.

I leave this thread open for discussion.

copysolo commented 1 year ago

Hello, thank you for this very interesting script. I'd like to know if a version for KeePassXC is possible? 😊

onSec-fr commented 1 year ago

Hello @copysolo

There is no enforced configuration file in KeePassXC. The config file should be located in %appdata%\KeePassXC\keepassxc.ini, so it should be possible to create a generic configuration with the desired parameters. However, nothing will prevent the user from modifying them from the UI.