12

I use KeePass + Dropbox to manage and synchronize my passwords across my devices. This system works really great and I trust KeePass' security model.

However my biggest remaining concern is the master password as I am worried about not being able to protect my PC against keyloggers. To alleviate this fear I want to introduce a second factor of authentication.

KeePass only really allows for using a keyfile as a second authentication factor, and while storing a keyfile on a USB thumb drive does seem like a secure solution it also is too restrictive for me. If I was to use a keyfile, I would probably store it on Dropbox but does this really add any additional security at all? My thinking is that if my master password is compromised then in order for the attacker to succeed he will also need my KeePass database. If he has access to that then he will most likely also have access to the keyfile so I've gained no additional security.

Any comments or suggestions for a better setup which doesn't add too much overhead?

AviD
snth
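To make the question's "keyfile next to the database" reasoning concrete, here is an added example (not code from the question or from KeePass itself). It re-implements, from my reading of KeePass 2.x, how the master password and an optional key file are combined into one composite key, then models the two storage choices the asker weighs. The password and file names are constructed samples, and the subsequent AES-KDF/Argon2 transformation and the XML key-file format are left out as assumptions outside the point being made.

```python
"""Added example: composite-key construction in the style of KeePass 2.x,
used to show what a key file contributes (or does not) depending on
where it is stored.  Assumed derivation (my reading of KeePass 2.x, not
its source): each key source yields 32 bytes, the password source is
SHA-256(UTF-8 password), the key-file source is the raw bytes of a
32-byte file, the hex-decoded bytes of a 64-hex-character file, or
SHA-256 of the file otherwise, and the composite key is SHA-256 over
the concatenation of those sources.
"""
import hashlib
import secrets
from typing import Dict, Optional, Tuple


def password_key(password: str) -> bytes:
    """Key-source bytes derived from the master password."""
    return hashlib.sha256(password.encode("utf-8")).digest()


def keyfile_key(data: bytes) -> bytes:
    """Key-source bytes derived from a key file's contents."""
    if len(data) == 32:            # raw 32-byte key file: used as-is
        return data
    if len(data) == 64:            # 64 hex characters: decoded to 32 bytes
        try:
            return bytes.fromhex(data.decode("ascii"))
        except (UnicodeDecodeError, ValueError):
            pass                   # not hex after all: fall through to hashing
    return hashlib.sha256(data).digest()


def composite_key(password: str, keyfile: Optional[bytes] = None) -> bytes:
    """Combine the available key sources into the 32-byte composite key."""
    parts = password_key(password)
    if keyfile is not None:
        parts += keyfile_key(keyfile)
    return hashlib.sha256(parts).digest()


def generate_keyfile() -> bytes:
    """A fresh random 32-byte key file (constructed for the example)."""
    return secrets.token_bytes(32)


def attacker_has_composite_key(password: str, keyfile: bytes,
                               leaked_files: Dict[str, bytes],
                               keyfile_name: str) -> bool:
    """Threat model from the question: the master password is already
    known (keylogger) and the attacker holds whatever was in the synced
    folder.  They reproduce the composite key only if the key file was
    among the leaked files."""
    if keyfile_name not in leaked_files:
        return False
    return composite_key(password, leaked_files[keyfile_name]) == \
        composite_key(password, keyfile)


def demo() -> Tuple[bool, bool]:
    """Compare key file synced alongside the database vs. kept elsewhere.
    Returns (attacker succeeds with keyfile in Dropbox,
             attacker succeeds with keyfile kept off the synced folder)."""
    password = "correct horse battery staple"          # constructed sample
    kf = generate_keyfile()
    db = b"<constructed stand-in for Database.kdbx>"   # constructed sample
    synced_with_keyfile = {"Database.kdbx": db, "Database.key": kf}
    synced_without_keyfile = {"Database.kdbx": db}
    return (
        attacker_has_composite_key(password, kf, synced_with_keyfile, "Database.key"),
        attacker_has_composite_key(password, kf, synced_without_keyfile, "Database.key"),
    )


if __name__ == "__main__":
    in_dropbox, off_dropbox = demo()
    print("keyfile in Dropbox  -> attacker derives key:", in_dropbox)
    print("keyfile kept apart  -> attacker derives key:", off_dropbox)
```

The second return value of `demo()` is where the key file earns its keep: with the password captured and the database copied, the attacker is still missing 32 random bytes. The first shows the asker's worry exactly; if the key file sits in the same synced folder, the attacker's copy of the folder already contains every input to `composite_key`.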

3 Answers

9

I think your security model has a couple of potential flaws here - I'll list the potential issues I can see, and you can let me know if they are valid worries in your particular circumstances:

If you have a real worry about not being able to secure your computer against keyloggers, the implication is that an attacker could install anything - which to my mind means game over: they can extract all the data from your KeePass whether you log on with a token or not by grabbing that data the next time you use KeePass.

In addition storing on Dropbox means they could potentially carry out this attack from other locations by sharing your Dropbox as per this vulnerability.

Your only real protection against a threat actor which you think can compromise your machine is to not use that machine (unless you can configure it in such a way that they can't compromise it, of course) and do something like use KeePass on a mobile device (where your risk becomes one of losing your device or having it stolen).

Bob Ortiz
Rory Alsop
  • Definitely agree here. If you're looking to defend your KeePass against a computer pwner, keyfiles aren't going to help you. The only second factor that can offer any level of actual protection on a compromised computer is a hardware token like RSA SecurID. Even then, your current session can still get hijacked. But, with an RSA SecurID token or similar device in use, it is less likely that they will be able to independently authenticate as you in the future. – Iszi May 12 '11 at 13:10
1

Although @Rory Alsop is ultimately correct, your 2nd best option is to enter KeePass' main password under a secure desktop (almost no keyloggers work on a secure desktop) and do that in conjunction with using key-based and/or OTP auth.

Your best option, if available to you, is to use the suggestion above plus having KeePass installed on a remote machine which you know is (better) physically secured. This essentially expands @Rory Alsop's suggestion to something actionable.

Gaia
0

If an attacker has access to your computer, all bets are off.

A low-overhead TFA solution is using a Google-provided OpenID with the Authenticator app. That doesn't work everywhere though.

Ben