If someone else could get your password DB file (e.g. the .kdbx file for KeePass), maybe due to a hacking attack, how threatened is your security in fact? Of course this is a problem and you should change all your passwords, but how "dangerous" is this really? Is there any value without having the master password?
1 Answer
If you've picked a strong master password, they've effectively got an encrypted blob of data which they can try to brute force your password from, but may never succeed (assuming that the password DB format is free from errors).
However, unlike with a website password or other online service (Chat/ssh/etc), there are no limits on how many times they can try different passwords, or on what speed the password comparison runs at - they can send copies of the file to thousands of machines and try to brute force starting from different places to minimise the time to find the password. With a website, the web server is the limiting factor - even with thousands of source machines, it will only do comparisons at a rate it can support, or it'll fall over.
For a really good password, this doesn't matter - the number of potential passwords is far too high to try them all in a useful time (assuming for the purpose of argument that whatever data you have is probably not very useful to anyone in a few thousand/million years). Picking and remembering a really good password is harder though, so it's possible that it is actually a quote from a book or common phrase, which might be tried sooner than pure brute force would suggest.
If, on the other hand, you have a weak master password, they've got an easy to decrypt list of passwords and sites, and it probably won't take them long to get access.
Additional - based on @André's comment:
As André says, if the hack occurred on a device where the database is used, as opposed to one where it is just stored (main PC vs. backup server), there is a chance of a keylogger being used to find the master password. As a result, it would be recommended not to open any password databases on machines which are suspect until they have been completely rebuilt from a clean state. Most password managers try to prevent passwords being read from memory, although this is not 100% perfect, but again, this can be avoided by not opening the database on suspect devices (or ones which you don't have control over).
- If they got his pass DB via hacking there's a good chance they can also leave a little present (keylogger) on the machine, saving them from bruteforcing the pass. In this case it's extremely dangerous as the password no longer protects the DB. – André Borie Nov 11 '16 at 12:13
- @AndréBorie Of course hacking a person's PC and leaving a key logger behind will compromise almost all password managers. In fact KeePass, with its lock to user account and optional key file security, might be more resistant than online password managers in respect to PC hacks. – AstroDan Nov 11 '16 at 13:49
- @AstroDan I doubt it - if you've got a keylogger installed this means you can execute arbitrary code on the machine, and at that point what prevents you from either stealing the keyfile (and the user account's UUID or whatever is used to lock the KeePass DB) or just waiting for the user to unlock the DB and harvesting all passwords from memory? – André Borie Nov 11 '16 at 13:54
- @AndréBorie I didn't say completely safe, I said more resistant. All you need to steal the passwords from an online system is the master password. Stealing the UUID (environment fingerprint) is hard and the key file can be stored in hardware, for example a Yubikey. – AstroDan Nov 11 '16 at 14:08
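Added example, not part of the question, the answer or any comment above: a small Python model of what the answer and the comments describe. It shows why an offline copy of a database is only as safe as the slow key derivation and the master secret behind it, why a master password that appears in a guess list falls in a handful of tries regardless of length, and how a key file (as discussed in the comments) turns the composite key into something a password guess alone cannot reproduce. Assumptions: PBKDF2-HMAC-SHA256 from the standard library stands in for the AES-KDF/Argon2 transform a real KDBX file uses; the salt, the key-file bytes, the candidate list and the guess-rate figures are all constructed for the demonstration, and `composite_key` is a simplified model of KeePass's password-plus-key-file composition, not its exact format.

```python
import hashlib
import math
import time
from typing import Optional, Sequence, Tuple

# Constructed stand-ins for what a database header carries. A real KDBX file
# stores its own transform seed and work factor; these values are made up.
SALT = b"constructed-salt-not-from-a-real-database"
KDF_ITERATIONS = 20_000


def composite_key(master_password: str, key_file: Optional[bytes] = None) -> bytes:
    """Simplified model of a password-manager composite key (assumption, not
    the exact KeePass layout): hash the password, append the hash of the
    optional key file, hash the concatenation. Without the key file bytes a
    correct password guess still yields a different key."""
    parts = hashlib.sha256(master_password.encode("utf-8")).digest()
    if key_file is not None:
        parts += hashlib.sha256(key_file).digest()
    return hashlib.sha256(parts).digest()


def derive_key(composite: bytes, iterations: int = KDF_ITERATIONS) -> bytes:
    """Slow key transform. An attacker holding the file must repeat this for
    every candidate, so the iteration count is the defender's cost multiplier."""
    return hashlib.pbkdf2_hmac("sha256", composite, SALT, iterations)


def offline_guess(verifier: bytes, candidates: Sequence[str],
                  key_file: Optional[bytes] = None,
                  iterations: int = KDF_ITERATIONS) -> Optional[Tuple[int, str]]:
    """Unthrottled offline attack: nothing rate-limits the loop, only the KDF
    cost per guess. Returns (index, candidate) on a hit, None otherwise."""
    for index, candidate in enumerate(candidates):
        if derive_key(composite_key(candidate, key_file), iterations) == verifier:
            return index, candidate
    return None


def search_space_bits(alphabet_size: int, length: int) -> float:
    """Entropy in bits of a uniformly random password over the given alphabet."""
    return length * math.log2(alphabet_size)


def expected_crack_seconds(bits: float, guesses_per_second: float) -> float:
    """Expected time to hit a uniformly random secret: half the space on
    average, divided by the attacker's aggregate guess rate. For an online
    target that rate is whatever the server tolerates; offline it is
    (machines / seconds_per_kdf_call), which is why the KDF cost matters."""
    return (2 ** bits / 2) / guesses_per_second


def seconds_per_kdf_call(iterations: int = KDF_ITERATIONS) -> float:
    """Measure one transform on this machine (value is environment-dependent)."""
    start = time.perf_counter()
    derive_key(composite_key("timing-probe"), iterations)
    return time.perf_counter() - start


if __name__ == "__main__":
    # Constructed candidate list standing in for a phrase/dictionary wordlist.
    wordlist = ["password", "123456", "to be or not to be", "correct horse"]

    weak_db = derive_key(composite_key("to be or not to be"))
    print("weak master password found at guess:", offline_guess(weak_db, wordlist))

    random_db = derive_key(composite_key("Zq9!vT#2kLp@"))
    print("random master password in wordlist:", offline_guess(random_db, wordlist))

    key_file = b"constructed key file contents"
    protected_db = derive_key(composite_key("correct horse", key_file))
    print("right password, no key file:", offline_guess(protected_db, wordlist))
    print("right password with key file:", offline_guess(protected_db, wordlist, key_file))

    per_call = seconds_per_kdf_call()
    bits = search_space_bits(95, 12)          # 12 printable-ASCII characters
    offline_rate = 1000 / per_call            # 1000 constructed machines, no throttling
    online_rate = 10.0                        # constructed server-side limit
    print(f"{bits:.1f}-bit password, offline 1000 machines: "
          f"{expected_crack_seconds(bits, offline_rate) / 3.15e7:.2e} years")
    print(f"{bits:.1f}-bit password, throttled online: "
          f"{expected_crack_seconds(bits, online_rate) / 3.15e7:.2e} years")
```

The point of the two `offline_guess` calls on `protected_db` is the comment thread's argument: the attacker who copied only the file, and not the key file, cannot confirm even a correct password guess, whereas someone with code execution on the device where the database is opened can simply take both.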