If your PC or the machine you are trying to access your password on is compromised to such a degree, you can't really do much.
You also use YubiKey for further protection (http://keepass.info/help/kb/yubikey.html)
Last edited by Keosen; 2014-02-10 at 11:41 AM.
If the PC is compromised by a keylogger with screen capture capability, for example, then it doesn't matter if you use 1 password or a thousand, they are all compromised, so I don't see a password manager like KeePass or LastPass, for example, making any difference in this scenario.
Security is a multi-step thing; there is no single solution that will protect you from everything. There have to be multiple layers of security protecting against multiple threats. (Read: Firewalls, Anti-Malware, Anti-Virus, Anti-SpyWare, Anti-UserWare)
The only 100% secure solution is 100% isolation from everything, and that includes the world. Meaning that the only secure way to store anything is for it not to be stored anywhere at any time.
Last edited by Djinni; 2014-02-10 at 12:14 PM.
Yes, you move to a single point of failure, but the general consensus is that if you even know what a password manager is, you are smart enough to keep it secure.
KeePass in particular can link your password with a file you choose on your computer. This works like a private key: you can keep the file on an encrypted flash drive, and your database on Google Drive/Dropbox/etc.
That way you can copy this file to authorized computers, so that even if your database gets stolen, without this keyfile your database can't be decrypted, or keep it on the flash drive and use it as a 2-factor token.
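
The key-file setup described in the post above, sketched as an added example (not part of the thread and not KeePass's own code): each factor is hashed, the hashes are combined into one composite key, and a database header made with both factors rejects the password alone. PBKDF2, the HMAC verifier, the work factor and all function names are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
from typing import Optional

ROUNDS = 50_000  # assumed work factor for this sketch

def composite_key(password: str, keyfile: Optional[bytes]) -> bytes:
    """Hash each supplied factor, then hash the concatenation."""
    parts = [hashlib.sha256(password.encode("utf-8")).digest()]
    if keyfile is not None:
        # Arbitrary file contents are reduced to a fixed 32-byte secret.
        parts.append(hashlib.sha256(keyfile).digest())
    return hashlib.sha256(b"".join(parts)).digest()

def master_key(password: str, keyfile: Optional[bytes], salt: bytes) -> bytes:
    # PBKDF2 is a stand-in here for the database's real key-stretching step.
    return hashlib.pbkdf2_hmac("sha256", composite_key(password, keyfile), salt, ROUNDS)

def make_header(password: str, keyfile: Optional[bytes]) -> dict:
    """What sits in cloud storage: a salt and a verifier, never the key file."""
    salt = os.urandom(16)
    tag = hmac.new(master_key(password, keyfile, salt), b"header", hashlib.sha256).digest()
    return {"salt": salt, "tag": tag}

def can_unlock(header: dict, password: str, keyfile: Optional[bytes]) -> bool:
    """Re-derive the key from the offered factors and compare in constant time."""
    key = master_key(password, keyfile, header["salt"])
    expected = hmac.new(key, b"header", hashlib.sha256).digest()
    return hmac.compare_digest(expected, header["tag"])

if __name__ == "__main__":
    keyfile = os.urandom(64)                        # constructed: kept on the flash drive
    header = make_header("correct horse", keyfile)  # constructed password
    print("password + key file:", can_unlock(header, "correct horse", keyfile))
    print("password only      :", can_unlock(header, "correct horse", None))
    print("wrong key file     :", can_unlock(header, "correct horse", os.urandom(64)))
```

The key file only adds protection while it stays off the storage that holds the database; on a machine where both are present and the password is typed, the earlier posts' point about a compromised PC still applies.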