For starters, you should find no legal reasons that prevent you using Kee Vault - the sensitive data NEVER leaves the devices you control. It is stored remotely only in an encrypted format that can’t be decrypted, and in all likelihood even this encrypted data is stored with a degree of protection that exceeds most local protection and legal requirements.
That said, I know that some organisations have change procedures tedious enough as to make it impractical to open up a secure connection to the Kee Vault service in a reasonable time frame, regardless of the actual legalities.
Additionally, nothing will change unless you ask it to. Kee Vault is an additional password storage option rather a replacement for the existing KeePass storage option. You can’t accidentally move your existing data into Kee Vault.
Your Kee extensions can safely be upgraded to version 3 but if you want to prevent updates you can do so with the controls that your browser offers (it’s not something Kee can control).
I’d strongly recommend against that for any user, but especially so if you’re in a place where you’re concerned about the legalities of encrypted data storage locations. Disabling automatic updates to any software that may deliver security fixes in future would be against some laws and all good practice guidelines.
I’m glad you’ve found Kee useful over the years and I hope to be able keep pushing out improvements for many years to come!
Thank you for your reply
The legal part we can just skip. It is what it is and we can’t change that. We are not allowed to upload the data in any way or form (regardless of encryption).
I see that one of our windows test stations actually is upgraded to 3.x (setting in browser was standard)
You say that Vault will not be activated unless we ask it to. Looking at that unit, I can’t find any settings where we can choose to activate or not activate Vault. Only the options to check all databases and Vault for passwords.
You also say: “You can’t accidentally move your existing data into Kee Vault.”
That sounds very good. So no data will be uploaded without our prior consent?
Enabling Kee Vault consists of registering for the Kee Vault service and having a Vault (database) unlocked in that service - then Kee will automatically use the contents of that in the same way as it uses the contents of a KeePass database at the moment (just without the need for installing KeePass and KeePassRPC obviously).
I’ve not even sent out the first early access codes for Kee Vault yet so I know only a group of close friends and family have even got to that registration stage!
I’ve tried very hard to ensure the behaviour won’t change for existing Kee users and tried to explain that situation on the upgrade notification page and the announcement on this forum but it’s tough to get that message across to so many people of different technical and English language abilities so I have no doubt that I will fall short in some cases. I’ll take a fresh look at the messaging on the forum tomorrow. Sorry for any confusion
Yes, it can be difficult to communicate with people with different language abilities, and I guess we have misunderstood your announcement and the replies in that thread.
As I said earlier, we really appreciate the product and will be happy to set up a number of subscriptions.
As long as it works without uploading any data, we will be happy customers
I’ll add that I too was confused about the Kee Vault announcement, and I came to this forum to find out whether I need to do anything to stop my passwords being uploaded into the cloud somewhere. I still find it confusing, but I also find your reassurances above – well, reassuring. (I’ll add that English is my first language and I work in IT, so this isn’t a comprehension issue.)
I’ve added a much more explicit statement about this to the forum announcement post today.
“Kee version 3 continues to work with KeePass and we have no plans to change this in future versions.”
and in the list of new Kee 3 features: “Works with Kee Vault and KeePass” instead of “Works with Kee Vault”.
Obviously nothing can be done to change the messaging in the extension’s upgrade notice now that it has left the beta-testing period and rolled out to all users but I’ll try to find some ways to make future messages clearer.
I think you need to make it much more explicit. Rather than write “Works with Kee Vault and KeePass” you should probably write something like:
KeeVault will still retain the functionality of the old Kee version. Unless you pay a subscription no data will ever be uploaded to the Kee Vault and it will continue to function as it does now with KeePass.
Yes, more or less - I wouldn’t want to talk about payment at this point though because in the context of data importing there is no significant difference between the trial period and ongoing paid subscription so this would just lead to further questions.
I think the key additional information in your suggestion would be the bit about no data being uploaded. I thought this was already clear right at the start of the page: “After importing your existing KeePass database you …” but on reflection I can see that this might be interpreted as “After we automatically import your existing…” so I will change this to read:
“After you ask Kee Vault to import your existing KeePass database…”