Replies: 1 comment 1 reply
-
|
We don't keep anything encrypted in memory when the database is unlocked. The entire contents of the database are decrypted. This includes attachments. If you have sensitive attachments that are not often used, recommend putting them in their own database that you can unlock when you need them. In either case, we harden the access to the programs memory and perform secure wipes on dealloc. |
Beta Was this translation helpful? Give feedback.
1 reply
-
|
Thanks for the clarification, apparently I had the wrong concept about this. |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hey,
In my best understanding, KeepassXC only encrypts certain data in the memory while the DB is open for performance reasons.
Would be possible to select certain attachments to be treated as sensitive data?
I have LUKS key files, SSH keys, etc that I would like to store in KeepassXC as attachments.
Beta Was this translation helpful? Give feedback.
All reactions