Security level of the default KeePass database password?
I'm worried about the security level of the password that PyCharm automatically generates for the KeePass database. I'd like to know its minimum length and whether special characters are used, things like that. YES, I know we can change it, but I'd like to know the security level of the default password. If it's good enough, I'll stay with it.
Hello Juan,
What OS do you use? Windows? The generated password is 32 random bytes encoded as hex (i.e. > 64 chars). Stored using Crypt32 API on Windows.
Yes, Windows. Thanks for the info.
Looking at the corresponding code of the community edition, it looks like the master password file (pdb.pwd) always gets encrypted with the same key ("Proxy Config Sec").
See https://github.com/JetBrains/intellij-community/blob/HEAD/platform/credential-store/src/KeePassCredentialStore.kt#L231
Am I misunderstanding something, or are you indeed always using the same key?
Why is there no option to not store the master key - as doing so can only lead to an insecure implementation I think. (Because with which key would you securely encrypt the master key? This key would have to be stored securely again etc.)