KeePass: use a key file or a regular password?

passwords encryption password-management keepass

I'm setting up a KeePass database and it offers the ability to use a key file, which it says is more secure because it can use a longer and more complex password but is easier to break because you only need the key file to open the database. I'll only be using the key file on 2 computers (one desktop and one laptop), wo which is the best option?

Note that it's definitely more appealing to use the key file for me because i have a hard time remembering anything close to a random password.


Regarding the ability to use 'key files' with KeePass.

In order to generate the 256-bit key for the block ciphers, the Secure Hash Algorithm SHA-256 is used. This algorithm compresses the user key provided by the user (consisting of password and/or key file) to a fixed-size key of 256 bits. This transformation is one-way, i.e. it is computationally infeasible to invert the hash function or find a second message that compresses to the same hash.

The recently discovered attack against SHA-1 doesn't affect the security of SHA-256. SHA-256 is still considered as being very secure.

(there is another recent update, but I think such news are not relevant here).
To the point at hand,

Key Derivation:
If only a password is used (i.e. no key file), the password plus a 128-bit random salt are hashed using SHA-256 to form the final key (but note there is some preprocessing: Protection against Dictionary Attacks). The random salt prevents attacks that are based on pre-computed hashes.

When using both password and key file, the final key is derived as follows: SHA-256(SHA-256(password), key file contents), i.e. the hash of the master password is concatenated with the key file bytes and the resulting byte string is hashed with SHA-256 again. If the key file doesn't contain exactly 32 bytes (256 bits), they are hashed with SHA-256, too, to form a 256-bit key. The formula above then changes to: SHA-256(SHA-256(password), SHA-256(key file contents)).

If you think your password is going to be a bit weaker (and better for your memory),
the key file is a good second factor.
So, use both (together).


The whole point is to keep your passwords secure, so this is a no-brainer: password. If you use a key file and you lose control of your password database, your passwords are all exposed.

Related

Vertical Split in GNU Screen on Mac OS X
Lock your computer after 5 minutes of inactivity
How can I get Vim to indent all the lines in a list item - not just the second?
How to disable Acrobat Reader's "Click-Scroll-Feature"?
Autoindentation in Sublime 2 text editor
Is it possible use Dropbox as my OSX Time machine backup drive?
Make Jumplist Shortcut Always Run Application as Administrator
How to open xlsx files with Excel 2013 by default on windows 8?
Why can't you use special characters in a filename, like "?" or ";"?
In FTP, what are the differences between passive and extended passive modes?
Is it possible to save the session password in MobaXterm?
Logical vs. Physical CPU performance