Bug#405896: ITP: keepassx -- light-weight and easy-to-use password manager
In gmane.linux.debian.devel.general, you wrote:
> * Package name : keepassx
> Version : 0.2.2
> Upstream Author : Tarek Saidi <mail@tarek-saidi.de>
> * URL : http://keepassx.sourceforge.net/
> * License : GPL
> Programming Lang: C++
> Description : light-weight and easy-to-use password manager
>
> KeePassX is an application for people with extremly high demands on
> secure personal data management. It has a light interface and is cross
> platform.
> .
> KeePassX saves many different information e.g. user names, passwords,
> urls, attachemts and comments in one single database. For a better
> management user-defined titles and icons can be specified for each
> single entry. Furthermore the entries are sorted in groups, which are
> customizable as well. The integrated search function allows to search in
> a single group or the complete database.
> .
> The complete database is always encrypted either with AES (alias
> Rijndael) or Twofish encryption algorithm using a 256 bit key. Therefore
> the saved information can be considered as quite safe. KeePassX uses a
^^^^^^^^^^
Ummm.
Apart from that, just because it uses strong ciphers it doesn't mean it's
secure. It appears to only have a single author and to be very fresh and I
don't think it has received real review so far. Until it has matured more
I wouldn't upload this to unstable, as every flaw will expose all the pass-
words and passphrases of a user.
Cheers,
Moritz
Reply to: