KeePass Encryption Question

Discussion in 'privacy technology' started by chinook9, Oct 23, 2010.

Thread Status:
Not open for further replies.
  1. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    I use KeyPass portable. I usually just drag and drop user name and password but on some websites drag and drop does not work and I have to right-click in KeyPass to copy and paste.

    Is protection weakened when I copy and paste?



    NOTE: My other protection is Panda Cloud, Keyscrambler, DW3 and Sandboxie. I always browse in a "Default" sandbox and open a "Security" sandbox for financial transactions so I figure I'm covered, but I'd still like to do the most I can.
     
  2. katio

    katio Guest

    Last edited by a moderator: Oct 24, 2010
  3. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Try this one for your answer :eek: http://www.zemana.com/ClipBoardLogger_Test.aspx

    For signing in to Keypass and for those times that drag&drop isn't working, try Neo SafeKeys ;) - http://www.aplin.com.au/neos-safekeys-2008

    Edit: If you use Chrome, there is also a virtual keyboard extension which passed the Zemana keyboard keylogger test here - https://chrome.google.com/extensions/detail/mpphfcjpaldmedbbomcdhgonmhjngfig?hl=en
     
    Last edited: Oct 24, 2010
  4. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    I tried cutting and pasting from KeePass with the Zemana keylogger running and the keylogger got the password unencrypted from the clipboard. Of course, I had to run the keylogger as trusted by DW3 but I still don't like the idea of putting any of my passwords unencrypted in the clipboard. I'll have to think about how to handle this. I cannot use a virtual keyboard because all of my passwords are very complex and I could never remember any of them.

    Thanks for the recommendations.
     
  5. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Well, what about right clicking on your entry in Keepass and selecting "Perform Auto-type"o_O Also select in the edit settings - "Two Channel Auto Type Obfuscation"

    Tested this with both the Clipboard and Keyboard Zemana keylogger tests and it passed both tests ;)

    Image below is what it recorded with the "Auto-type" entering my username and password into this forum. Not bad huh! :)
     

    Attached Files:

    Last edited: Oct 25, 2010
  6. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439

    Thanks Tobacco!! I was hoping there was a solution I wasn't aware of. I will definitely try this. It will make me feel a lot better on some of my financial websites. Thanks again.
     
Loading...
Thread Status:
Not open for further replies.