Thanks, I'll be asking details there. Since Yubico is not only linking but offering how-tos for these programs, I thought you must have at least basic knowledge about their implementation - which you did, so thanks!
| Yubico Forum https://forum.yubico.com/ |
|
| Keepass & Password Safe with Yubikey https://forum.yubico.com/viewtopic.php?f=16&t=1062 |
Page 1 of 1 |
| Author: | foxzilla [ Thu May 09, 2013 7:08 pm ] |
| Post subject: | Keepass & Password Safe with Yubikey |
I'm trying to decide between Password Safe and Keepass. I'm wondering about the way Yubikey is used to secure the database in each one: - Keepass uses OATH-HOTP - Password Safe uses Challenge-Response In here (https://plus.google.com/117010240131763 ... b46TSZKt2B) a person named Dennis Clark says this in his post: Quote: OATH-HOTP is a public OTP algorithm but I'm a bit suspicious of the security of any OTP algorithm for self-encryption. [<-- talking about KeePass] There is another password management application called Password Safe that integrates with Yubikeys in Challenge-Response mode. In this case the Yubikey does operate as a secure source for part of the encryption key, so it's more secure than either of the two KeePass Yubikey integration options. Do I understand this correctly, that KeePass doesn't use the Yubikey to encrypt the contents of the database itself? Ie. if someone would get the database file and try to bruteforce it, he would only need the master password and not the OATH-HOTP? Password Safe respectively does encrypt the database with a changing code, making it more secure? |
|
| Author: | Tom [ Fri May 10, 2013 8:28 am ] |
| Post subject: | Re: Keepass & Password Safe with Yubikey |
These are questions about the specific implementation for KeePass and PasswordSafe. You should redirect them to their respective authors. Password Safe, does use the Yubikey to encrypt the database therefore: no yubikey, no decryption. I don't know about keepass. There was a customer in this forum section PROJECTS, that was developing a keepass plugin but he disappeared. |
|
| Author: | foxzilla [ Fri May 10, 2013 5:56 pm ] |
| Post subject: | Re: Keepass & Password Safe with Yubikey |
Thanks, I'll be asking details there. Since Yubico is not only linking but offering how-tos for these programs, I thought you must have at least basic knowledge about their implementation - which you did, so thanks!
|
|
| Page 1 of 1 | All times are UTC + 1 hour |
| Powered by phpBB® Forum Software © phpBB Group https://www.phpbb.com/ |
|