Hacker News new | past | comments | ask | show | jobs | submit login

Keep it in Dropbox, then it's on all your devices.

I keep my KeePass database in my Dropbox, behind 2FA, with the main Dropbox password being a random string stored within the KeePass database. I have KeePass itself stored on my Dropbox as well, so I don't even need to install it to other Windows PCs, simply run the program. And the KeePass2Android app works quite well with this configuration.




I do the same and find it easy to use. I also store a key file in a different cloud service so that both would need to be compromised along with the password to access the database.


I do the same, but it is a hassle. I constantly get warnings in KeePass that the database file has changed and have to click 'Yes' so it merges the changes. It's always worked so far, but I guess if I click the wrong button I will loose an entry.

Sometimes I get conflict files in the Dropbox folder. Not often, but a few times over the last year.

On iOS I have to open Dropbox and re-export the database file to see new entries. If I ever want to add or change an entry on mobile I have to manually export the file back into Dropbox. If the database in the app wasn't up-to-date, that will loose any entries added on desktop.

The KeeFox extension for Firefox works but is unreliable, especially on Linux.


Tools -> Options -> Advanced

Under File Input/Output Connections, check the box labelled:

- Do not ask whether to synchronize or overwrite; force synchronization

It's a program option, rather than a database one, so you need to set it on each computer running KeePass.


You say that your Dropbox password is a random string so I assume you don't remember it. How do you log in to Dropbox in this case?


I transfer the database, keyfile, and exe files to the new target, then login. Or I might just hand-type the random-string, viewed from my phone, because I am a hardcore operations administrator. In the event of a catastrophic loss of access, I retain backup codes physically recorded in a safe location. And the keyfile, database, & exe are currently in 3 separate devices of mine.


Physically stored in one location? Is that sufficient?


All 3 PCs are in one location, as I only have one living location and rent no colo or VMs. But I'm not worried about having some sort of Dropbox access issue at the same time as a physical incident at my residence, as the probability is (I think) still lower than my very low risk avoidance.


Also not the GP, I do the same thing. In my case I need access to one of my devices with Dropbox configured (my laptop or my phone are most likely, my server syncs too)

Dropbox stores the files locally (on the phone, the kdbx file is marked to be cached and updated offline and I use dropsync)

If someone deletes my kdbx file from my Dropbox account, and I don't realize this in time (before all my devices sync _and_ my backups run out, so very small chance given the nature of the file) I'm in a lot of trouble...


Not the GP, but the password manager's database is likely setup as a Dropbox app. So when you login to your password manager, it retrieves the latest copy of the database. I do this with KeeWeb (cross platform PW manager compatible with KeePass database, although KeePass is better on Windows because of autotype).




Applications are open for YC Summer 2019

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: