-
Notifications
You must be signed in to change notification settings - Fork 104
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use linked-database credentials to simplify cross-database operations #397
Comments
Make sure you have "Remember master keys" enabled in KeePassium settings, and database timeout is reasonably long. If a database was previously opened in KeePassium and the app still remembers DB's master key, it won't ask for manual input. This applies to moving between databases as well. |
Thanks for your answer. Yes, I know that's possible. However, I prefer to clear master keys after a short time. I disabled most settings that can make the app more convenient to use. Because I hope that stricter security settings keep passwords safe. I also encourage other team members to use stricter security settings inside KeePassium. Because what happens when someone in the team uses a weak macOS password? I somehow thought that KeePassium stores the passwords in macOS keychain which is accessible with the macOS password. But maybe I'm wrong...? Could it be true that this feature request will also be helpful for teams that use stricter security settings via Managed App Configuration? https://support.keepassium.com/docs/mdm-appconfig/ When sharing databases with a team, databases have passwords that I don't remember. It would be better to open the database via a linked database entry if I want to move entries. This way I don't have to open the target database first and go back to the source database to move entries. I still hope that you can consider this feature request. |
@latvia234 , thank you for the details.
You are right. On macOS, anyone with the system password can view all the keychain entries. Which makes the whole system security depend on a single password. On iOS this is not the case, keychain is not user-accessible.
I see your point, it does make sense. I am slightly concerned whether magically unlocking a database based on credentials stored somewhere else in the database would violate the principle of least surprise. But then, that surprise does not really undermine database security (credentials were available to this user anyway), and security benefits probably outweigh the surprise risks. Let's keep it on the list, I'll just adjust the title a bit. |
Currently, when moving an entry from one database to another in KeePassium, users are required to manually enter the password for the target database.
I would like to request a feature that uses the "linked database entry" (in the source database) to automatically open the target database when moving an entry. This would streamline the process, reduce the need for re-entering passwords, and improve user experience.
Proposed Workflow:
Benefits:
Thank you for considering this feature request.
The text was updated successfully, but these errors were encountered: