keepshare
keepshare copied to clipboard
pfn
why offline mode available only for 6.0+?
Hi first thanks for best keeshare software available for android! but i bumped on comment where some user complains about that keepshare connects to internet. so can you clarify why its doing that? and i think other keeshare programs on market don't do that?
Android 6 is required to enable offline support because hardware key storage is not available until then.
This is required to prevent an offline brute force attack against your pin. Without it, any attacker that is able to access your data could potentially figure out the pin in seconds.
Without hardware key storage, a 2nd part of a 2 part key is stored online in your own private google drive data. It is inaccessible to anything except keepshare.
On Tue, Feb 14, 2017, 2:00 AM Igor Levochkin [email protected] wrote:
Hi first thanks for best keeshare available for android. but i bumped on comment where some user complains about that keepshare connects to internet. so can you clarify why its doing that? and i think other keeshare android software don't do that on market?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/pfn/keepshare/issues/39, or mute the thread https://github.com/notifications/unsubscribe-auth/AAfQxXoUJ__u7Kg5R_8FlZX91eSH9MaWks5rcXtagaJpZM4MARmt .
so if i use local storage instead google drive, will it still connect to internet?
If your device does not have hardware key storage, it will connect to the internet (your google drive private data) to retrieve the 2nd half of the secret key.
On Tue, Feb 14, 2017 at 9:18 AM Igor Levochkin [email protected] wrote:
what if i use local storage instead google drive, will it connect to internet for public key?
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/pfn/keepshare/issues/39#issuecomment-279773231, or mute the thread https://github.com/notifications/unsubscribe-auth/AAfQxWmupKr8gz8mP4E6fstVqJ_XKtmIks5rceHngaJpZM4MARmt .
Passwords cannot be brute forced if you have a password of reasonable length, the possibilities are passwordspace^n depending on the complexity of your password.
A pin is only 10^n
On Wed, Feb 15, 2017, 1:52 AM Igor Levochkin [email protected] wrote:
but brute force also can be done against keeshare kdbx file without any online public key required i don't think other software request any online connection to open that file? so i still don't understand why you adding additional encryption?
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/pfn/keepshare/issues/39#issuecomment-279965595, or mute the thread https://github.com/notifications/unsubscribe-auth/AAfQxWmTQiRPFRpeGwsHjvQnlcie_EeCks5rcsrfgaJpZM4MARmt .
does it due auto login feature so you need to store original password in keychain storage? that come only in 6.0+
i don't use pin feature btw
That is correct. Without a pin, your password is still protected by a 2 part key, one of which is stored in your private google drive storage if you don't have a hardware key store
On Thu, Feb 16, 2017, 3:05 AM Igor Levochkin [email protected] wrote:
ah now i get it, does it due auto login feature so you need to store original password in keychain storage? that come only in 6.0+
i don't use any pin feature btw
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/pfn/keepshare/issues/39#issuecomment-280301535, or mute the thread https://github.com/notifications/unsubscribe-auth/AAfQxY8S471aS7Zu8kM25w3dGrVXX5Nkks5rdC2GgaJpZM4MARmt .