

This is a fascinating question and one I've thought a lot about. I want to say 'yes' for reasons outlined by others (e.g. the cryptography is sound - it should withstand brute-force attacks provided the passphrase is sufficiently long/entropic) but I'm inclined to say 'no' for a few reasons.

Every time you publish a file like this on the Internet you ought to assume an attacker retains a copy. As such, you need to be confident that your password is long/entropic and does not leak, in whole or in part, for the lifetime of credentials stored in that kdbx. The lifetime of those might outlast your own lifetime, e.g. if you intentionally pass on control of accounts to others (without changing the credentials). Unfortunately the definition of a long/entropic password/passphrase is a moving target.
