

In times of easy access to massive GPU compute, I would not trust my password store to such a weak KDF. While Password Safe stands out for allowing users who value the security of a physical authenticator to pair it with a YubiKey, KeePass may be more user. The old KDBX format uses a custom AES-KDF, which is not memory-hard and therefore easy to brute force.
KeePass 2.x offers full Unicode and enhanced high DPI support. The CSVs are fully compatible with most password platforms as well.

You can export the password list to TXT, HTML, XML and CSV and use it in other applications.
So even with more features, the KeePassXC source code is a lot cleaner and easier to test. As for the security of AES, it's true that nobody has broken it yet (quantum computers will change that, 128-bit block size is not that much after all), but the encryption is only as strong as its weakest link and most of the time that is the secret key. KeePass and KeePassX are portable, so you can carry either on a flash drive and run on Windows without installing. Felix did a great job back in the day when he maintained KeePassX, but apparently he lost time or interest in the project and we have improved a lot of the code base since the fork. Also, should there ever be a vulnerability, it is questionable how fast it will be patched in KeePassX given the lack of an active team of developers. KeePassX does not have (and for the most part never really had) this kind of double check, since it has/had mainly one developer.
Every patch that is merged into the main tree is reviewed by at least one other core developer. There are a lot more eyes looking at the KeePassXC source code.

KeePassX has no known security vulnerabilities, but that doesn't mean it's automatically the safest option (neither does KeePassXC BTW). I know this thread is a month old, but let me answer some of your concerns. They're way less likely to suddenly betray you in an update.

It has a light interface, is cross platform and published. The safest alternative would be an open source password manager like KeePassXC or LessPass so that you can store and encrypt your passwords locally. KeePassX is an application for people with extremely high demands on secure personal data management. It can store your passwords safely and auto-type them into your everyday websites and applications. KeePass: A free and open source password manager. It is a cross-platform community-driven port of the Windows application Keepass Password Safe. LastPass, a Password Manager With Millions of Users, Is Hacked. KeePassXC vs KeePass: What are the differences? KeePassXC: A free and open-source password manager. I use KeePassXC and keep my databases offline. LastPass Suffers Data Breach, Source Code Stolen.
