KeePass secure enough without using something like TrueCrypt?
Posted on 2009-07-12
A client is requestion a mechanism other than the usual Escrow route to securely store several credentials to a system which I've been developing (in case I get hit by a train or similar).
My first thouhts were to use KeePass with a master pass and key and store both on the flash drive i intend to issue. Obviously, should this get into the wrong hands, they would only have to crack the master pass. I don't want to separate the key from the app as I don't think they'd store in a manner which enables quick retrieval (or worse, they'd lose it altogether).
So then I thought about created the entore drive as a TrueCrypt volume but then realised that they aren't allowed to install software on their local machines. So, short of supply them 2 flash drives (cumbersome) which has the apps and key between them (probably TrueCrypt portable and the key on one, and teh encrypted drive just having KeePass on it), I'm running out of options.
Can anyone think of a nice, neat and most importantly, secure way of doing this on one drive? Maybe there is a web-site which can function like TrueCrypt (long shot I know)? Any suggestions are greatly appreciated.