![]() Like many others (probably many of you), I’ve used KeePass on and off for well over a decade. LastPass of course bringing their theoretical nightmares of a SaaS breach to life, especially with today’s announcement of yet another breach through a DevOps engineer’s personal computer. ![]() Some make the decision to host locally for cost purposes, avoiding subscription fees, whereas others may make the choice for security purposes. KeePass is wildly popular for individuals, small organizations, and teams looking to secure certain ‘keys to the kingdom’ without relying on a software-as-a-service application. This is going to be very relevant in a moment. In this case “locally” may mean on any given on-prem system, server, or removable media. Originally developed in 2003, the application, its management, configuration, and the key database are hosted locally. If you’re not familiar with KeePass, it’s a free, open source password manager that’s not cloud hosted. I’m so glad he brought this up, because it highlights several critical issues network admins and security teams are facing with secrets management. ![]() Professor Cyber Naught of the Mastodons suggested I comment on the situation. This slid under most of our radars, including mine. In the midst of LastPass’s repeated barrage of breaches, a pretty serious vulnerability was found in another common password manager - KeePass. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |