Keepass 2.0 file attachment security

From the KeePass documentation:

File attachments are stored encrypted in the database (like all other database content).


From experience, I can tell you that it embeds the file inside the .kdb. I cannot say for sure that it encrypts them, although I would have to assume so, and would be extremely concerned if it did not (as I understand it, everything inside the file is encrypted).

You can easily test the linking-vs-attaching behavior for yourself by adding a large-ish file and seeing the size of your .kdb shoot up.

Tags:

Keepass