Is it insecure to upload Keepass database to Google Drive, Dropbox or any other file service in the cloud?

I’ve read this answer in Security Stackexchange: https://security.stackexchange.com/a/45337

So, I feel kinda confident if a put a big number of PBKDF2 iterations, like 10.000.000, it should be OK.

My master password is based on diceware, but is not very very long because I need to remember it.

What do you people think about this?

  • vsisOPEnglish
    2·
    1 year ago

    I get it. But if I have to carry the key file everywhere to every device, I can just carry the database file.

    • FlagonOfMe@sh.itjust.worksEnglish
      2·
      1 year ago

      There are two advantages of using the cloud for the database while keeping a key file out of it.

      1. It’s a backup that’s not on any of your own devices.
      2. Your devices sync with little effort. Save the file on one device, and the others have the new database automatically (when using common cloud storage providers that sync)
    • Alatarius@sh.itjust.worksEnglish
      1·
      1 year ago

      Understandable. I don’t go very many places so this way is most convenient for me. For your situation I’m not real sure what would be the best practice for you, but I will be keeping an eye on this thread if someone has a better answer