KeePass Encryption Question

Discussion in 'privacy technology' started by chinook9, Oct 23, 2010.

Thread Status:
Not open for further replies.
  1. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    I use KeyPass portable. I usually just drag and drop user name and password but on some websites drag and drop does not work and I have to right-click in KeyPass to copy and paste.

    Is protection weakened when I copy and paste?



    NOTE: My other protection is Panda Cloud, Keyscrambler, DW3 and Sandboxie. I always browse in a "Default" sandbox and open a "Security" sandbox for financial transactions so I figure I'm covered, but I'd still like to do the most I can.
     
  2. katio

    katio Guest

    Last edited by a moderator: Oct 24, 2010
  3. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,526
    Location:
    British Columbia
    Try this one for your answer :eek: http://www.zemana.com/ClipBoardLogger_Test.aspx

    For signing in to Keypass and for those times that drag&drop isn't working, try Neo SafeKeys ;) - http://www.aplin.com.au/neos-safekeys-2008

    Edit: If you use Chrome, there is also a virtual keyboard extension which passed the Zemana keyboard keylogger test here - https://chrome.google.com/extensions/detail/mpphfcjpaldmedbbomcdhgonmhjngfig?hl=en
     
    Last edited: Oct 24, 2010
  4. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439
    I tried cutting and pasting from KeePass with the Zemana keylogger running and the keylogger got the password unencrypted from the clipboard. Of course, I had to run the keylogger as trusted by DW3 but I still don't like the idea of putting any of my passwords unencrypted in the clipboard. I'll have to think about how to handle this. I cannot use a virtual keyboard because all of my passwords are very complex and I could never remember any of them.

    Thanks for the recommendations.
     
  5. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,526
    Location:
    British Columbia
    Well, what about right clicking on your entry in Keepass and selecting "Perform Auto-type"o_O Also select in the edit settings - "Two Channel Auto Type Obfuscation"

    Tested this with both the Clipboard and Keyboard Zemana keylogger tests and it passed both tests ;)

    Image below is what it recorded with the "Auto-type" entering my username and password into this forum. Not bad huh! :)
     

    Attached Files:

    Last edited: Oct 25, 2010
  6. chinook9

    chinook9 Registered Member

    Joined:
    Jan 27, 2008
    Posts:
    439

    Thanks Tobacco!! I was hoping there was a solution I wasn't aware of. I will definitely try this. It will make me feel a lot better on some of my financial websites. Thanks again.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.