

In the midst of LastPass’s repeated barrage of breaches, a pretty serious vulnerability was found in another common password manager - KeePass. This slid under most of our radars, including mine. Professor Cyber Naught of the Mastodons suggested I comment on the situation. I’m so glad he brought this up, because it highlights several critical issues network admins and security teams are facing with secrets management.

If you’re not familiar with KeePass, it’s a free, open source password manager that’s not cloud hosted. Originally developed in 2003, the application, its management, configuration, and the key database are hosted locally. In this case “locally” may mean on any given on-prem system, server, or removable media.

KeePass is wildly popular for individuals, small organizations, and teams looking to secure certain ‘keys to the kingdom’ without relying on a software-as-a-service application. This is going to be very relevant in a moment.
