Reply to post: Re: Extremely Dangerous

KeePass looter: Password plunderer rinses pwned sysadmins

Somone Unimportant

Re: Extremely Dangerous

Three options spring to mind.

1 - run up keypass on an iPhone or Android device and use the file exclusively there. I have a keypass compatible app on my BlackBerry Classic and do just that, then just use my PC as a backup location for the keypass encrypted data file.

2 - run keypass for windows inside a VM on your desktop, and don't give the VM any network connectivity - almost like an air-gap system. It's harder to backup the keypass file but it can still be done - or you can backup the VM that runs it.

3 - or for the completely paranoid of us, just run an air-gap system for some really sensitive stuff.

I'd be more worried about keyboard grabbers intercepting copy/paste traffic as I paste usernames and passwords into fields myself.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021