8

Where would you recommend me to store a Keepass file?

Usually I have my personal documents in my Dropbox account. Would it be safe to use Dropbox for this file?

gertvdijk
  • 69,427
empedokles
  • 4,023

2 Answers2

10

If you mean a KeePass password file, there are several arguments to decide where to store it. In my opinion, if the passwords are really, really important to you, you should make the decision based on:

  1. The risk of the file being hacked

    Assuming you have a strong password to open the file, you may assume the KeePass file is rather safe (also see the tip of @gertvdijk at the bottom), however:

    If the time to attempt to hack the file is unlimited, everything can be hacked A location that is (potentially) publically accessible to others is not a good idea, Dropbox or other clouds included.

    You should also make sure others will not be able to copy the file for "further processing".

  2. The risk of losing the file because of disk errors.

    One thing is sure: there comes an end to the life of all disks. That means you should at least have a backup of your file on a (physically) other location.

  3. The risk of burglary / fire

    It sounds a bit overkill, but if you use your passwords in a professional (e.g. services to others) environment, and passwords include access to private data of others, you should make sure you also have a backup of the file on another (secure) location, so that you can at least change passwords quickly in case of accidents.

    If I go on vacation, I make a backup of all my important data and keep it in a safe on another address.

Altogether it is hard to tell you what is the best location. It depends on how important the file is to you, if your responsibility includes responsibility to others, how accessible your computer is to others etc. You should make your own decision, but IMO based on your personal consideration of the risks above.

Tip:

Consider increasing the 'Encryption Rounds' setting in the database settings. This brings down the feasibility of a brute-force attack on your master password down by increasing the CPU cycles needed for each password attempt and therefore reducing the risk of the actual (decrypted, plain) contents of your Keepass database being compromised.

enter image description here

Jacob Vlijm
  • 85,475
0

Just store it anywhere. Make duplicates of it. You can upload it every where BUT make your key file common file.

For example. a picture of your pet. just like that. That picture can be mixed with other picture or file. Then upload it in your facebook or in dropbox. Who know that picture is your key file. It is better to be like that. and the best way to hide is to pretend.

My recommendation is base on experience, and there a lot of benefits into it. You an avoid our files to become suspicious.

When you try to use that file. Just download your albums, and choose specific file. and when you do that, i think that is something cool than putting your key file as like a gold, then if that so, bad guys go for your key file.

ji-ruh
  • 149