Your KeePass database file is encrypted using a master key. This master key can consist of multiple components: a master password, a key file and/or a key that is protected using the current Windows user account. For opening a database file, all components of the master key are required.

What does it do Every time you save your. Export tagged entries to a new password database every time you save. The new database can use a different password.

Presumably the plugin uses OATH HOTP where the KeePass file or master key is re-encrypted after each access with the next one-time-password. However, to generate the next password on the device, the plugin would require either a secret stored on the device or the normal password for the KeePass file.

Security from a one-time-password comes from two parties knowing the same key and counter - HOTP(Key,Counter) - while an attacker doesn't know the key. One-time-passwords work well for server authentication because both client and server end-points are considered secure and the attacker needs 'something you own' as well as 'something you know'. If the attacker has your computer, then they now have 'the thing you own'.

If the attacker has access to the device storing the KeePass installation and files, the security collapses back to the security of the normal password on its own. If the KeePass file is still interoperable with other KeePass programs, then you gain nothing from using a one-time-password in this fashion. Security remains the same + extra cognitive overhead.
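
The HOTP(Key,Counter) argument above, as an added example that is not part of the original page: a minimal RFC 4226 HOTP with a server-style verifier, showing that a replayed code is rejected while anyone holding a copy of the stored key and counter computes a code the verifier accepts. The key is the RFC 4226 test secret; `Verifier`, `demo` and the look-ahead window of 3 are assumptions for illustration and do not describe how any KeePass plugin is implemented.

```python
import hashlib
import hmac
import struct


def hotp(key: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226: HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class Verifier:
    """Hypothetical server side: holds the shared key and the next expected counter."""

    def __init__(self, key: bytes, counter: int = 0, window: int = 3):
        self.key, self.counter, self.window = key, counter, window

    def verify(self, otp: str) -> bool:
        # Accept the expected counter or a few ahead, then move past the one used.
        for c in range(self.counter, self.counter + self.window + 1):
            if hmac.compare_digest(hotp(self.key, c), otp):
                self.counter = c + 1
                return True
        return False


def demo() -> dict:
    key = b"12345678901234567890"  # RFC 4226 Appendix D test secret (not a real key)
    server = Verifier(key)
    token = {"key": key, "counter": 0}  # state held by the legitimate token

    otp = hotp(token["key"], token["counter"])
    token["counter"] += 1
    accepted = server.verify(otp)   # fresh code is accepted
    replayed = server.verify(otp)   # same code again: counter has moved on

    # Local-only case from the text: the secret sits on the same device as the
    # data, so whoever copies the device copies the state and gets the next code.
    copied = dict(token)
    copy_code = hotp(copied["key"], copied["counter"])
    return {"otp": otp, "accepted": accepted, "replayed": replayed,
            "copy_code": copy_code, "copy_accepted": server.verify(copy_code)}


if __name__ == "__main__":
    print(demo())
```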