Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
en | Technical | KeePassRPC | Security levels
Kee browser addon
For this encryption to work, there needs to be a secret key/password that is shared between the two communicating partners - in our case that is the KeeFox Firefox add-on and the KeePassRPC KeePass plugin.
Both ends of the connection need to store the secret key in a safe place; the security level you choose will affect where and how these keys are stored.
No matter which security level you use, the actual messages travelling between Firefox and KeePass are encrypted with the highest available security.
Which security level should I choose?
Most people will be happiest with the medium security level - it provides a good balance of security and convenience. This is a similar level of security that version 1.2 of KeePassRPC offered.
If you want higher security you can either:
Enable high security mode which will ask you to type a new short password every time you connect Firefox to KeePass. A new secret key is created from each password you type.
Adjust the "Authorisation expiry time" to decrease the length of time that each secret key is used for. The default expiry time is one year (except in version 1.3.0 where a mistake has set this expiry time to 2 weeks).
You should only choose the low security mode if you are performing a short-term test to diagnose problems that prevent you from using a higher security level.
Technical detail about exactly what is different between each security level can be found here