Is it insecure to upload Keepass database to Google Drive, Dropbox or any other file service in the cloud?
I’ve read this answer in Security Stackexchange: https://security.stackexchange.com/a/45337
So, I feel kinda confident if a put a big number of PBKDF2 iterations, like 10.000.000, it should be OK.
My master password is based on diceware, but is not very very long because I need to remember it.
What do you people think about this?
I keep mine in the cloud but I also have a key file attached to it. That is not kept in the cloud so at least I have some security if the cloud service gets hacked and my password is 57 characters long.
I get it. But if I have to carry the key file everywhere to every device, I can just carry the database file.
There are two advantages of using the cloud for the database while keeping a key file out of it.
Understandable. I don’t go very many places so this way is most convenient for me. For your situation I’m not real sure what would be the best practice for you, but I will be keeping an eye on this thread if someone has a better answer