17

I'm setting up a KeePass database and it offers the ability to use a key file, which it says is more secure because it can use a longer and more complex password but is easier to break because you only need the key file to open the database. I'll only be using the key file on 2 computers (one desktop and one laptop), so which is the best option?

Note that it's definitely more appealing to use the key file for me because I have a hard time remembering anything close to a random password.

quack quixote
  • 43,504
RCIX
  • 5,855

5 Answers

18

Regarding the ability to use 'key files' with KeePass.

In order to generate the 256-bit key for the block ciphers, the Secure Hash Algorithm SHA-256 is used. This algorithm compresses the user key provided by the user (consisting of password and/or key file) to a fixed-size key of 256 bits. This transformation is one-way, i.e. it is computationally infeasible to invert the hash function or find a second message that compresses to the same hash.

The recently discovered attack against SHA-1 doesn't affect the security of SHA-256. SHA-256 is still considered as being very secure.

(There is another recent update, but I think such news is not relevant here.)
To the point at hand,

Key Derivation:
If only a password is used (i.e. no key file), the password plus a 128-bit random salt are hashed using SHA-256 to form the final key (but note there is some preprocessing: Protection against Dictionary Attacks). The random salt prevents attacks that are based on pre-computed hashes.

When using both password and key file, the final key is derived as follows: SHA-256(SHA-256(password), key file contents), i.e. the hash of the master password is concatenated with the key file bytes and the resulting byte string is hashed with SHA-256 again. If the key file doesn't contain exactly 32 bytes (256 bits), they are hashed with SHA-256, too, to form a 256-bit key. The formula above then changes to: SHA-256(SHA-256(password), SHA-256(key file contents)).

If you think your password is going to be a bit weaker (and better for your memory),
the key file is a good second factor.
So, use both (together).

nik
  • 57,042
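A worked version of the derivation quoted in this answer, added here as an example and not KeePass's own code: it implements the SHA-256 composition described above for the password-only case (with a 128-bit random salt) and the password-plus-key-file case, including the rule that a key file of exactly 32 bytes is used raw while any other length is hashed first. The "Protection against Dictionary Attacks" transformation rounds the answer only mentions are left out so the composition stays visible, and the function names, sample password and key file bytes are constructed for the example.

```python
import hashlib
import os
from typing import Optional


def sha256(data: bytes) -> bytes:
    """Plain SHA-256 digest: the one-way compression step the answer refers to."""
    return hashlib.sha256(data).digest()


def key_file_component(key_file_bytes: bytes) -> bytes:
    """Key-file contribution as the answer describes it: a file that is exactly
    32 bytes (256 bits) is used as-is; any other length is hashed to 256 bits."""
    if len(key_file_bytes) == 32:
        return key_file_bytes
    return sha256(key_file_bytes)


def derive_master_key(password: str, key_file_bytes: Optional[bytes] = None,
                      salt: Optional[bytes] = None) -> bytes:
    """Return the 256-bit cipher key following the two cases in the answer.

    Password only:        SHA-256(password || salt), salt = 128 random bits.
    Password + key file:  SHA-256(SHA-256(password) || key file component).

    The salt is generated here when none is supplied; a real database stores
    it next to the ciphertext so the same key can be recomputed on open.
    Key-file-only databases are not described in the answer and are not
    handled here. The dictionary-attack transformation rounds the answer
    mentions are deliberately omitted (example simplification).
    """
    pw = password.encode("utf-8")
    if key_file_bytes is None:
        if salt is None:
            salt = os.urandom(16)
        return sha256(pw + salt)
    return sha256(sha256(pw) + key_file_component(key_file_bytes))


if __name__ == "__main__":
    # Constructed sample inputs for the example, not real credentials.
    password = "correct horse battery staple"
    key_file_32 = bytes(range(32))                                   # exactly 256 bits: used raw
    key_file_long = b"not-a-multiple-of-32-bytes-key-file-content"   # hashed to 256 bits first

    k_both = derive_master_key(password, key_file_32)
    k_long = derive_master_key(password, key_file_long)
    k_pw = derive_master_key(password, salt=b"\x00" * 16)

    print("password + 32-byte key file :", k_both.hex())
    print("password + longer key file  :", k_long.hex())
    print("password only (fixed salt)  :", k_pw.hex())

    # The second-factor point of the answer: the correct password combined with
    # the wrong key file yields a different key, so both pieces are required.
    assert derive_master_key(password, bytes(32)) != k_both
    # A fresh random salt gives a different key for the same password, which is
    # what makes precomputed hash tables useless against password-only databases.
    assert derive_master_key(password) != derive_master_key(password)
```

Because every step is a plain SHA-256 over concatenated bytes, the snippet also makes the question's trade-off concrete: whoever holds the key file still has to supply the password term, and whoever guesses the password still lacks the key-file term.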
5

The whole point is to keep your passwords secure, so this is a no-brainer: password. If you use a key file and you lose control of your password database, your passwords are all exposed.

jasonh
  • 3,107
1

Use both. Keep your key file on your flash drive and always bring it with you. But not somewhere on the desktop (it is the same as writing the password on sticky notes). I'm using this approach for my encrypted HDD partition (with TrueCrypt). So if anybody still somehow gets your password, they need the key file too.

Pawka
  • 581
0

For a newbie to password management:
Password only
Why?
It cuts your file (mis)management concerns in half and limits it to just one file.
A KeepassX .kdbx db can be secured with a mixed 64 character password. That's plenty of scope to create a long, secure password.
This helps to underline that the (strong) password (in your head) is your primary focus (not where you kept the keyfile etc.).
If you have trouble remembering passwords (of course, we all do) use a password manager (like KeepassX) and you'll only have to remember one good strong one.

mic84
  • 2,413
-2

I have opted for key file use. I have also created an email account used specifically to store my key file (I do not like hanging around with a USB flash drive each time I want to access my e-banking account, for instance).

If the computer I am using is not my personal one, I simply log in to that email account on the computer I would like to use the key file, then log in to yet another email account which has the most recent version of my .kdbx file.

Lastly, I download KeePass and install it on the PC, use the key and .kdbx along with my Database password and that's it!

Of course, I wipe off both the .kdbx and key file on the PC used.