Hi there,
I have been using Keepass + Kee for several years with a Master Password, and very satisfied.
Today, I tried the Key File route. Again, no problem.
However, when re-opening the DB, I was very surprised to see the full Key File path showing in the box.
Is there a way to avoid such a security risk by erasing the Key File info when closing the DB, like it’s done for the Master Password?
Thank you.
You’ll find a lot more discussion about this feature and whether it is a security risk or not on the KeePass discussion forums rather than here but the quick answer is that this controlled by an “Advanced” KeePass option - towards the bottom there’s an option like “Remember key sources” which you can disable if you’d like.
1 Like
@luckyrat: My bad, I should have RTFM. It clearly states that “KeePass has an option for remembering the paths of key files, which is turned on by default; turning it off typically just decreases the usability without increasing the security.”.
Thank you for showing me how to proceed to select my preferred option.
Now, I still think that revealing a key file path & name is favouring convenience -not usability- over security.
Regardless, rather than feeling a bit disappointed, I now hold your software in even higher esteem than before. Many thanks for such a piece of high quality design.