To be quite honest, I find keepass2 clumsy, flakey (particularly on linux, probably more because of mono than because of the keepass2 code).
I used to use TWc with my TiddlerEncryptionPlugin, the security is not perfect but the usablity of TW was the main driver. I am not trying to protect myself from a full blown NSA scrutiny, I am am happy with something that will keep 99.999% of the population at bay. So, I understand that some content may be written to disk, but if I am so concerned, I would be doing all sorts of other things to protect myself, like clear cache on exit, zero blocks on delete, etc. ...Lyall On Monday, January 13, 2014 3:55:00 AM UTC+10:30, PMario wrote: > > On Sunday, January 12, 2014 12:03:43 PM UTC+1, Lyall wrote: > >> I am re-visiting TW5 and am keen to see if I can discard KeePass2. >> >> Has anyone created a TW5 that is aimed at credential storage? >> > > Hopefully not. IMO TW5 primary goal is to be a wiki. KeePass2's primary > goal is to be a secure data store. > > If you read the info page "Javascript Cryptography Considered Harmful" > [1], there are some very strong arguments. One of them is browser caching > ... > > IMO an other one will be a "new TW5 feature" that will use browser local > storage to prevent data loss. So your tiddler content in edit mode may be > saved as plain text to the disk. ... @Jeremy did you think about this > problem? > > ... Just carefully read the article [1] and then compare it with the > Keypass2 info page about Security [2]. ... KP2 tries to do the best to > remove sensitive plain text data from the computers memory, just in case > the OS stores memory to the HD in plain text format. (Also visit the > reference links) > > just my 2€ents > -mario > > [1] http://www.matasano.com/articles/javascript-cryptography/ > [2] http://keepass.info/help/base/security.html > -- You received this message because you are subscribed to the Google Groups "TiddlyWiki" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/tiddlywiki. For more options, visit https://groups.google.com/groups/opt_out.
