• thisisawayoflife@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Adding a hardware key, like Nitrokey, would be an additional level of safety there. I would not use the database without some kind of additional key (something you know and something you physically have).

    If there’s something nefarious that has user access, you’ve already lost in that regard.

      • rinze@infosec.pub
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        This is what I do: I have 3 KeepassXC databases (regular passwords, “security” questions, TOTP tokens) each with a different password.