Yubico Forum

Re: Keepass & Password Safe with Yubikey

2013-05-10T17:56:05+01:00

Thanks, I'll be asking details there. Since Yubico is not only linking but offering how-tos for these programs, I thought you must have at least basic knowledge about their implementation - which you did, so thanks!

Statistics: Posted by foxzilla — Fri May 10, 2013 5:56 pm

Re: Keepass & Password Safe with Yubikey

2013-05-10T08:28:13+01:00

These are questions about the specific implementation for KeePass and PasswordSafe.

You should redirect them to their respective authors.

Password Safe, does use the Yubikey to encrypt the database therefore: no yubikey, no decryption. I don't know about keepass. There was a customer in this forum section PROJECTS, that was developing a keepass plugin but he disappeared.

Statistics: Posted by Tom — Fri May 10, 2013 8:28 am

Keepass & Password Safe with Yubikey

2013-05-09T19:08:02+01:00

I'm trying to decide between Password Safe and Keepass. I'm wondering about the way Yubikey is used to secure the database in each one:
- Keepass uses OATH-HOTP
- Password Safe uses Challenge-Response

In here (https://plus.google.com/117010240131763 ... b46TSZKt2B) a person named Dennis Clark says this in his post:

Quote:

OATH-HOTP is a public OTP algorithm but I'm a bit suspicious of the security of any OTP algorithm for self-encryption. [<-- talking about KeePass]

There is another password management application called Password Safe that integrates with Yubikeys in Challenge-Response mode. In this case the Yubikey does operate as a secure source for part of the encryption key, so it's more secure than either of the two KeePass Yubikey integration options.

Do I understand this correctly, that KeePass doesn't use the Yubikey to encrypt the contents of the database itself? Ie. if someone would get the database file and try to bruteforce it, he would only need the master password and not the OATH-HOTP?

Password Safe respectively does encrypt the database with a changing code, making it more secure?

Statistics: Posted by foxzilla — Thu May 09, 2013 7:08 pm