• henfredemars@infosec.pub · 97 up, 1 down · 2 months ago

    You don’t want anything that advertises next generation encryption. You want tried and true encryption. You want boring encryption.

      • Natanael@infosec.pub · 29 up, 1 down · edited · 2 months ago

        Then you want them to advertise NIST PQ standards

        … Which is also not necessary for single user password databases anyway

        • coffeetastesbadlikecoffee@sh.itjust.works · 29 up, 1 down · 2 months ago

          Yes it is necessary just as my homelab needs to have enterprise hardware and be georedundant. Statements like yours make my very reasonable self hosting purchases hard to financially justify.

          • Natanael@infosec.pub · 1 up, 6 down · 2 months ago

            The standards are royalty free, so I’m not sure what that has to do with anything

    • sugar_in_your_tea@sh.itjust.works · 3 up, 2 down · 2 months ago

      For a personal database that’s unlikely to leave your hardware, sure. For SSH keys or something else that needs to be accessible publicly, post quantum or other “next generation” encryption may be reasonable.

      If you’re sharing KeePass with others, maybe post quantum encryption is something to look for to get a bit of protection going forward.