Email or username:

Password:

Forgot your password?
Xe's posts Post Back to profile
Xe :verified:

If you use KeePass 2.x (NOT KeePassXC or KeePass 1.x) then your master password has been leaked into your RAM in cleartext - the fix won't be released until June, but you can get an unstable experimental build with a fix right now, or you can uninstall keepass and move to KeePassXC: pcworld.com/article/1923963/an

20 May 2023 at 22:40 | Open on pony.social
11 comments
charlotte ✨
@cadey important, from the article:

> All existing versions of KeePass 2.x (e.g., 2.53.1) are affected. Meanwhile, KeePass 1.x (an older edition of the program that’s still being maintained), KeePassXC, and Strongbox, which are other password managers compatible with KeePass database files, are not affected according to vdohney.

(since many people i know that 'use KeePass' are on KeePassXC anyways)
@cadey important, from the article:

> All existing versions of KeePass 2.x (e.g., 2.53.1) are affected. Meanwhile, KeePass 1.x (an older edition of the program that’s still being maintained), KeePassXC, and Strongbox, which are other password managers compatible with KeePass database files, are not affected according to vdohney.
20 May 2023 at 22:41 | Open on trans.enby.town
blueish howl

@cadey
> KeePassXC, and Strongbox, which are other password managers compatible with KeePass database files, are not affected according to vdohney.

(seriously just use KeePassXC its so much better imo)

20 May 2023 at 22:54 | Open on tenforward.social
the Hearth

@artemis @cadey we've been recommended to switch to keepassxc before, but there weren't any details as to why. if you wouldn't mind, could you elaborate on what makes it better?
-F

21 May 2023 at 0:43 | Open on plush.city
blueish howl
blueish howl

@Hearth @cadey it also has browser extension integration and stuff like that which is kinda cool. and like other extra features like TOTP or acting as a keyring provider on linux. but those arent why we switched originally theyre just nice

21 May 2023 at 1:32 | Open on tenforward.social
the Hearth

@artemis @cadey what do you mean by "browser extension integration"? Because keefox works with keepass already
-F

21 May 2023 at 1:33 | Open on plush.city
blueish howl

@Hearth @cadey probably the same thing as that (nothing had browser extensions when we switched over like 7 years ago or whatever)

21 May 2023 at 1:35 | Open on tenforward.social
Pinky Floyd
@cadey

how would someone get into your RAM
21 May 2023 at 0:10 | Open on pleroma.payfrit.com
James Tucker

@cadey if you use 1Password or about half the other password managers, it won’t be fixed at all, ever

21 May 2023 at 1:00 | Open on don.rag.pub
Kazii The Avali

@cadey wait theres something other then keypass xc. thats news to me. also best go experimental or to a more safer keypass and then change your master password if you use keypass.

21 May 2023 at 5:46 | Open on bark.lgbt
iRaven

@cadey oh god i actually use this, an incident that actually targets me for once LOL

21 May 2023 at 5:47 | Open on pony.social
Go Up