Keepass Password Storage–Hacked! #keefarce #encryption #privacy

Oh no! My favorite passwork keeper is now vulnerable! I should have known it couldn’t last:

If you are a KeePass user like me, then beware. denandz just posted a tool in github that can break your KeePass password safe. . .this tool is named KeeFarce. It allows extraction of KeePass 2.x password database information from memory. The cleartext information, including usernames, passwords, notes and url’s are dumped into a CSV file in %AppData% 

Tools like KeeFarce reminds us that password managers could represent a single point of failure that could be exploited with severe repercussion by hackers.
Source: BlackMoreApps 

Fortunately, this appears to only affect Windows users, not GNU/Linux or Mac users. Thank goodness. In the meantime, you may want to encrypt your Keepass password file with something like Secure Space Encryptor (SSE), AEScrypt, or MiniLock for added protection.

  • Mac/Windows/Linux computer? 
  • Chromebook or use Google Chrome? 
    • Try Minilock for individual file encryption

    Everything posted on Miguel Guhlin’s blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure

    Leave a Reply

    Fill in your details below or click an icon to log in: Logo

    You are commenting using your account. Log Out /  Change )

    Google photo

    You are commenting using your Google account. Log Out /  Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out /  Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out /  Change )

    Connecting to %s

    %d bloggers like this: