Yubico Forum

...visit our web-store at store.yubico.com
It is currently Tue Jan 30, 2018 5:15 pm

View unanswered posts | View active topics


Board index » Yubikey » YubiKey 1.x | 2.x | VIP

All times are UTC + 1 hour




Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 
  Print view Previous topic | Next topic 
Author Message
foxzilla
PostPosted: Thu May 09, 2013 7:08 pm 
Offline

Joined: Thu Mar 15, 2012 6:03 pm
Posts: 32
I'm trying to decide between Password Safe and Keepass. I'm wondering about the way Yubikey is used to secure the database in each one:
- Keepass uses OATH-HOTP
- Password Safe uses Challenge-Response

In here (https://plus.google.com/117010240131763 ... b46TSZKt2B) a person named Dennis Clark says this in his post:
Quote:
OATH-HOTP is a public OTP algorithm but I'm a bit suspicious of the security of any OTP algorithm for self-encryption. [<-- talking about KeePass]

There is another password management application called Password Safe that integrates with Yubikeys in Challenge-Response mode. In this case the Yubikey does operate as a secure source for part of the encryption key, so it's more secure than either of the two KeePass Yubikey integration options.

Do I understand this correctly, that KeePass doesn't use the Yubikey to encrypt the contents of the database itself? Ie. if someone would get the database file and try to bruteforce it, he would only need the master password and not the OATH-HOTP?

Password Safe respectively does encrypt the database with a changing code, making it more secure?
Top
 Profile  
Reply with quote  

Share On:
Share on Facebook FacebookShare on Twitter TwitterShare on Tumblr TumblrShare on Google+ Google+

Tom
PostPosted: Fri May 10, 2013 8:28 am 
Offline
Site Admin
Site Admin

Joined: Wed Nov 14, 2012 2:59 pm
Posts: 666
These are questions about the specific implementation for KeePass and PasswordSafe.

You should redirect them to their respective authors.

Password Safe, does use the Yubikey to encrypt the database therefore: no yubikey, no decryption. I don't know about keepass. There was a customer in this forum section PROJECTS, that was developing a keepass plugin but he disappeared.

_________________
-Tom
Top
 Profile  
Reply with quote  
foxzilla
PostPosted: Fri May 10, 2013 5:56 pm 
Offline

Joined: Thu Mar 15, 2012 6:03 pm
Posts: 32
Thanks, I'll be asking details there. Since Yubico is not only linking but offering how-tos for these programs, I thought you must have at least basic knowledge about their implementation - which you did, so thanks! 8-)
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 3 posts ] 

Board index » Yubikey » YubiKey 1.x | 2.x | VIP

All times are UTC + 1 hour


Who is online

Users browsing this forum: No registered users and 3 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group