How secure is KeePassX?
Solution 1
Programs may have access to the clipboard, for example you copy some text from a webpage and paste it to gedit. This should never happen without user interaction, unless KeePassX has a security vulnerability which another malware (very rare on Unix systems) could then use. Don't use software which you don't trust.
If you want to decrease the probability that your passwords go to someone else, encrypt your home folder, swap and ram, use a good login password, disable user name list in login manager (like gdm). That way the only possible way to get access to your passwords is when KeePassX is running, ie. when you are logged in and have some old insecure programs running.
Solution 2
To exclude KeepassX from adding passwords to the clipboard history, add KeepassX to the exclude list in
settings -> security and privacy -> files and applications
That way, KeepassX won't be recorded in ZeitGeist or the Dash and for example Diodon, will not add passwords to the history list.
Related videos on Youtube
12 : 03
10 : 25
07 : 49
06 : 37
09 : 35
Uli
Updated on September 17, 2022Comments
-
Uli over 1 year
I have hundreds of passwords, since I use a different random one for each website/service. They are all generated & stored with KeePassX, which can be synced to different computers and my android phone via dropbox (or ubuntuone).
I know the database of KeePassX is secure (at least with a good passphrase). But what about when I am copying the password into the clipboard (where it is stored for 5 seconds)? Can any program running in user-space access the clipboard and store the password? If so, how big of a security risk is this?
-
Peter.O over 13 yearsYou may well be aware of it already, but I'll mention ir as a general issue.. Be very aware of clipboard managers (eg. Parcellite)... almost by definition they keep a log of what goes through your clipboard.. even if it only been there for < 1 second :) ...
-
