Hacker News new | past | comments | ask | show | jobs | submit login

I have an iPhone and I do have my keepass file there too. So yes, presumably, the iOS app that I use could have accessed my keepass file and sent it unencrypted over the network to someone (which would be terrible).

Thanks for the comment/reminder! I'll definitely have to re-consider what I do with regards to the keepass file on my phone.




also, just for grins. have you checked to see if the same email is generated in error when a failed login attempt happens from an unknown location?


Yes, good call. And I did just check.

A wrong password = no email.

Correct password from different IP = exact same email saying "Someone just used your master password to try to log in to your account from a device or location we didn't recognize"

That's the exact same email I received earlier with the Brazil IP.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: