You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I’ve just spent 20 minutes trying to open my database (and restoring from backups, experimenting, etc.) after changing the key file only. Then I realised that the password was deleted.
Expected Behavior
User is warned that the settings are being overwritten and not modified.
Current Behavior
User is not informed (it is even implied that it is being modified since ‘change’ can mean ‘modify’, not only ‘swap’/‘replace’), leading to confusion when trying to open the database again.
Possible Solution
A simple ‘New security settings:’ text at the start or changing the title to ‘New master key’ would solve this problem.
Steps to Reproduce
Database → Change master key
Untick ’Password’, tick ‘Key file’
Choose/create new key file
Restart KeepassXC, choose new key file, enter old password
HMAC error
Context
I got a notification that my keyfile was old, so I decided to upgrade it. I didn’t want to change my password so I just left it unticked and only created a new keyfile. When I tried opening the database later it just didn’t want to work, throwing HMAC errors.
I’ve since realised that by unticking the password I removed it, but this is bad UI.
Debug Info
KeePassXC - Version 2.3.1
Revision: 2fcaeea
Distribution: Flatpak
Libraries:
Qt 5.10.1
libgcrypt 1.7.3
Operating system: Linux 4.15.6-300.fc27.x86_64
CPU architecture: x86_64
Kernel: linux 4.15.6-300.fc27.x86_64
Enabled extensions:
Auto-Type
Browser Integration
Legacy Browser Integration (KeePassHTTP)
SSH Agent
YubiKey
The text was updated successfully, but these errors were encountered:
I haven't yet tried this, but presumably a colored warning like a password strength warning would work. Like "Your password is so weak... because you don't have one. And you did before!"
I’ve just spent 20 minutes trying to open my database (and restoring from backups, experimenting, etc.) after changing the key file only. Then I realised that the password was deleted.
Expected Behavior
User is warned that the settings are being overwritten and not modified.
Current Behavior
User is not informed (it is even implied that it is being modified since ‘change’ can mean ‘modify’, not only ‘swap’/‘replace’), leading to confusion when trying to open the database again.
Possible Solution
A simple ‘New security settings:’ text at the start or changing the title to ‘New master key’ would solve this problem.
Steps to Reproduce
Context
I got a notification that my keyfile was old, so I decided to upgrade it. I didn’t want to change my password so I just left it unticked and only created a new keyfile. When I tried opening the database later it just didn’t want to work, throwing HMAC errors.
I’ve since realised that by unticking the password I removed it, but this is bad UI.
Debug Info
KeePassXC - Version 2.3.1
Revision: 2fcaeea
Distribution: Flatpak
Libraries:
Operating system: Linux 4.15.6-300.fc27.x86_64
CPU architecture: x86_64
Kernel: linux 4.15.6-300.fc27.x86_64
Enabled extensions:
The text was updated successfully, but these errors were encountered: