Keepass Password Storage–Hacked! #keefarce #encryption #privacy

Oh no! My favorite passwork keeper is now vulnerable! I should have known it couldn’t last:

If you are a KeePass user like me, then beware. denandz just posted a tool in github that can break your KeePass password safe. . .this tool is named KeeFarce. It allows extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and url’s are dumped into a CSV file in %AppData% 

Tools like KeeFarce reminds us that password managers could represent a single point of failure that could be exploited with severe repercussion by hackers.
Source: BlackMoreApps 

Fortunately, this appears to only affect Windows users, not GNU/Linux or Mac users. Thank goodness. In the meantime, you may want to encrypt your Keepass password file with something like Secure Space Encryptor (SSE), AEScrypt, or MiniLock for added protection.


Everything posted on Miguel Guhlin’s blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: