KeePass: use a key file or a regular password?
Regarding the ability to use 'key files
' with KeePass.
In order to generate the 256-bit key for the block ciphers, the Secure Hash Algorithm SHA-256 is used. This algorithm compresses the user key provided by the user (consisting of password and/or key file) to a fixed-size key of 256 bits. This transformation is one-way, i.e. it is computationally infeasible to invert the hash function or find a second message that compresses to the same hash.
The recently discovered attack against SHA-1 doesn't affect the security of SHA-256. SHA-256 is still considered as being very secure.
(there is another recent update, but I think such news are not relevant here).
To the point at hand,
Key Derivation:
If only a password is used (i.e. no key file), the password plus a 128-bit random salt are hashed using SHA-256 to form the final key (but note there is some preprocessing: Protection against Dictionary Attacks). The random salt prevents attacks that are based on pre-computed hashes.When using both password and key file, the final key is derived as follows: SHA-256(SHA-256(password), key file contents), i.e. the hash of the master password is concatenated with the key file bytes and the resulting byte string is hashed with SHA-256 again. If the key file doesn't contain exactly 32 bytes (256 bits), they are hashed with SHA-256, too, to form a 256-bit key. The formula above then changes to: SHA-256(SHA-256(password), SHA-256(key file contents)).
If you think your password is going to be a bit weaker (and better for your memory),
the key file is a good second factor.
So, use both (together).
The whole point is to keep your passwords secure, so this is a no-brainer: password. If you use a key file and you lose control of your password database, your passwords are all exposed.