We have moved to a new Sailfish OS Forum. Please start new discussions there.
2

Using a Key File For OwnKeepass [answered]

asked 2017-11-04 19:15:44 +0200

prometheos de+it gravatar image

updated 2017-11-05 11:08:17 +0200

nthn gravatar image

How can I use a key file for entering my master key? I wrote my master key in a file passw.pw in /home/nemo where ls -la passw.pw shows:

-rwx------ 1 nemo privileged 15 Nov  4 16:06 passw.pw
  • But OwnKeepass moans "wrong password", both if I terminate the password file with a newline or not.
  • It is also unclear to me, if OwnKeepass understands that I selected a key file, as it persist asking for a password (so to say, the GUI does not visibly react to my input of a path to pass.pw,).

Just now I help myself by writing the master password as a Note, then cut-and-paste, what of course should never happen for any password! But a complex password is hard to type with my thick fingers!

edit retag flag offensive reopen delete

The question has been closed for the following reason "the question is answered, an answer was accepted" by nthn
close date 2018-03-15 23:40:38.825941

Comments

1

@jobe it is great that now OKP can operate on Keepass 2 databases! Thus I can synchronize identical databases among all my platforms and Password Managers (inside the Keepass family), and slowly dismiss Android there. I consider the Password Manager a heavy element of the overall system security!

prometheos de+it ( 2017-11-04 23:48:45 +0200 )edit

I think you misunderstood what the key file function is. It is not a file with your password in it. It is, in some sense, using the contents of a file as an additional password. You can only open with a keyfile databases that you have created with a keyfile.

Federico ( 2017-11-05 14:02:58 +0200 )edit

To add to what @Federico said, keeping your master key in plain text defeats the whole point of encrypting your password database in the first place, especially if you give it a name as obvious as 'passw.pw' (for reference, files don't need any kind of extension either).

nthn ( 2017-11-05 14:49:40 +0200 )edit

@Federico oh! Thank You for the info. Can You give me also a source please? Because I never saw a docu for Password Managers. My PM has been (and is still in Ubuntu) KeePassX, and there a Keyword File works as I intended. As far as OwnKeepass is concerned, can the Keyword in the file be different from the interactive Keyword? If yes, OwnKeepass offers a Two Factors Identification. A big improvement then! I have only the problem, that KeePassX is not offering this feature: I can then not synchronize .KDBX over the net to my different apps. I will try to answer myself.

prometheos de+it ( 2017-11-05 18:52:00 +0200 )edit

@prometheos: A keyfile can be any kind of file, even your ringtone, as long as you keep that file backed up somewhere so you don't lose access to your passwords if you (accidentally) edit or remove it at some point. It doesn't have to and really shouldn't include any kind of password. KeePassX definitely supports keyfiles: https://ssd.eff.org/en/module/how-use-keepassx#2

nthn ( 2017-11-05 22:09:07 +0200 )edit

1 Answer

Sort by » oldest newest most voted
5

answered 2018-03-15 17:20:22 +0200

jobe-m gravatar image

updated 2018-03-15 17:24:19 +0200

ownKeepass does not support opening databases only with a key file. You always need also a password to type in in addition to a key file. Ok, I see that this is a limitation of ownKeepass because KeepassX on the desktop offers the possibility to use only a key file. But I wanted security by design for ownKeepass.

BTW You write your password in plain text in the key file, but that "text" is not used to open a keepass database by password. As already correctly mentioned by @Federico.

edit flag offensive delete publish link more

Comments

Good choice for a mobile app I think, because there are a lot of chances that the key file is somewhere on the device so if someone has access to the DB he will not be far away from the key. From what we can read on KeePass website, a key file stored on the same drive than the DB is not very secure (and who plugs a USB key each time he wants to login somewhere?)

@prometheos-de+it you could just use a short PIN along with your key file, it will increase security. And KeepassX does provide this feature

@jobe-m good to see you're still around, and thanks for this so important app :)

Sthocs ( 2018-03-15 18:37:30 +0200 )edit

@jobe-m thanks for the precise answer (and for the ownkeepass devel). I find it a big handicap to have to enter passphrases on the phone keyboards - compared with the possibilities of the full keyboards , say on my laptop (KeePassX). On Jolla it is easy to enter lowercase letters, but mixing also uppercase and figures and special characters gets 10x more time consuming, compared with the laptop. On the other side, only long, complex passphrases which I know by hearth give me the right sense of security. Tell me: would it be possible on Sailfish/Jolla 1 to enter the passphrase using the built-in keyboard? I count there sixteen special characters, plus 10 figures+24 letters (german kbd), all at direct reach, without SHIFT or ALT key. That would bring a tremendous increase in the amenable passphrase complexity with little effort by the user. P.S. I reopened the question for this - although the original question is answerded. Perhaps i can mae this an independen question.

prometheos de+it ( 2018-03-17 01:03:29 +0200 )edit

Unlocking quickly does not work for me - and no one can remember a secure main password. So it is unfortunately useless. (XA2 Plus - 3.2.1.20)

Volker_S ( 2020-01-14 11:37:22 +0200 )edit

Question tools

Follow
6 followers

subscribe to rss feed

Stats

Asked: 2017-11-04 19:15:44 +0200

Seen: 414 times

Last updated: Mar 15 '18

Related questions

Swype-like virtual keyboard

[Fixed in 1.0.3.8] Crash when linking contacts? [not relevant]

Time slider usage in video player of Gallery app causes the app to hang [duplicate]

QAudioOutput isn't integrated with system volume and libresource like QMediaPlayer

Bug: E-Mail synchronization does not work as configured [released]

Word prediction should be always turned off when entering passwords in Android apps [released]

[Implemented in 1.0.3.8] Poor Polish translation in Sailfish Twitter event feed makes ugly UI issue [answered]

Don't enforce focus to textfield [answered]

[Implemented in 1.0.3.8] Email: Honour Reply-To header [answered]

Bug: Having to delete e-mails twice [answered]

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49