We recommend using Argon2id to prevent against timing-based attacks. The parallelism parameter can be used to specify how many threads should be used. By increasing the memory parameter, GPU/ASIC attacks become harder and the required time increases. The number of iterations scales linearly with the required time. The main advantage of Argon2 over AES-KDF is that it provides a better resistance against GPU/ASIC attacks (due to being a memory-hard function). KDBX 3.1 only supports AES-KDF any other key derivation function, like for instance Argon2, requires KDBX 4.Īrgon2 (KDBX 4 - recommended): KDBX 4, the Argon2 key derivation function can be used for transforming the composite master key (as protection against dictionary attacks).
The more iterations, the harder are dictionary and guessing attacks, but also database loading/saving takes more time (linearly). Users can change the number of iterations. It is recommended to always save databases with compression.Ĭlick the Security button in the left-hand menu bar to change your database credentials and change encryption settings.ĪES-KDF (KDBX 4 and KDBX 3.1): This key derivation function is based on iterating AES. Compression reduces the size of the database and does not have any appreciable affect on speed. To delete entries permanently, you must empty the recycle bin manually.Įnable compression: KeePassXC databases can be compressed before being encrypted. The recycle bin will be created if it does not already exist after your first deletion. Use recycle bin: Select this check-box if you want deleted entries to move to the recycle bin instead of being permanently removed.
Set this value small to prevent the database from getting too large (we recommend 6 MiB). For example, this happens when entries have large attachments. history size: When the history of an entry gets above this size, it is truncated. Set this value to a low value to prevent the database from getting too large (we recommend no more than 10). When you set this to 0, no history will be saved. Max history items: This is the maximum number of history items that are stored for each entry. You can change this name as desired.ĭatabase description: Provide some meaningful description for your database.ĭefault username: Provide a default username for all new entries that you create in this database. On macOS please substitute Ctrl with Cmd (aka ⌘).Ĭtrl + n, where n is the number of the database tabĭatabase name: This is the default identifier for your database and is shown in the tab bar and title bar (when active).
0 kommentar(er)
