by pfg 4792 days ago
Is the key derivation bad because of SHA-256, or because it is too fast/easy to brute-force? According to the security page, they do 6000 (AES) encryption rounds on the key after hashing it (6000 by default, you can increase the work factor). So I guess this is comparable to what bcrypt/scrypt does?

(There's something on the security page saying that KeePassX (as opposed to KeePass) only partially supports this, though.)