|
|
|
|
|
|
by T3OU-736
68 days ago
|
|
|
That is what I was thinking, too, but rather than the keyfile being an actual file, it is, instead, on the USB-C HW token. So, to decrypt your KeePassXC db, you'd need the physical token to do the decryption, and ask it to be, effectively, an HSM. https://keepass.info/help/kb/yubikey.html talks of different ways of doing something like that, but I've not played with it yet. Another option is just to store passkeys natively on the token itself? |
|
|