top | item 36237423

(no title)

n0zmer | 2 years ago

KeepassXC has a ways to go still before I can trust it. I just attempted to use it again, after a few years, and syncing the DB across google drive randomly caused all of my entries to be erased. No recovery, nothing. just opened the DB one day and all of my saved notes and passwords went poof.

It's a know bug, but the fact that it still exists really shows how much the devs care about making it a really rock solid alternative. I've never had this issue with Google passwords, 1password or any other provider.

discuss

pcthrowaway|2 years ago

Oh for sure, KeepassXC has some UI issues. And in this case, a glaring bug, thank you for making me aware of it! It looks like there are workarounds, though I'm not sure how much I like them.

I've already been doing manual backups. In addition, there is a feature to make a copy of the database before writing that I've just turned on. And the "Use alternative saving method -> Directly write to database file (dangerous)" option is supposed to prevent this issue from happening with cloud storage.

I wasn't in any way arguing KeepassXC is a layperson-friendly way to manage authentication credentials, just that it gives you the most security from the big identity providers (Apple, Google) selling you out for political or selfish reasons.

Of course, there's probably only so much I can do here. Apple could presumable ship an update to their OS that allows them to access a user's database while it's unlocked, or to keylog the master password.

A yubikey might be the only thing that can really protect you here.