Databases: KeePass on PC and KeePassDroid on Android (saved as non-.kdbx files, steganographically passworded inside a JPG renamed as a WAV, manually backed up between PC and phone); suits me.
It's a pain, but not as painful as being LastPassed!
From the KeePassXC FAQ: "Additionally, you can use a key file filled with an arbitrary number of random bytes or a YubiKey to further enhance your master key"
> So in a sense, it makes your password stronger, but technically it doesn't qualify as a separate second factor, since this is not an authentication scheme and also because the expected response doesn't change every time you try to decrypt your database.
I'd argue that the biggest threat against a (non-cloud-synced) password manager is a local database compromise, and the Yubikey does not meaningfully help here.
To be fair, I don't think anything can help in this threat model – a password manager is ultimately a key/value storage for bearer tokens, and if an attacker can exfiltrate those key/value pairs, it's game over.
So the Yubikey certainly helps against an otherwise too short/reused password manager unlock password, or against somebody shoulder-surfing your password and able to steal your database, but not otherwise tamper with the device you're decrypting it on.
But other than that – if somebody can steal your local database and sniff your password (e.g. via a key logger), they can probably also sniff your Yubikey challenge/response, which is returned via the USB HID protocol as well.
If an attacker compromises your local machine, they don’t need any password: they just wait for you to enter all required credentials and read the passwords when the database is unlocked.
Also, you omitted an important sentence at the end of the FAQ that you quoted. The response changes every time you save the database. Yubikey uses HMAC-SHA1, which is a hash of a shared key and a counter. The counter, and hence the response, changes when the file changes. That helps a lot with constantly rotating the master key. It also adds 140 bits to an otherwise easy to remember password.
I do see the point of adding more entropy, but against what type of attacker is the rotating password an improvement?
It seems to kick the attacker out of getting future database updates after a point-in-time compromise, but do users using a password manager frequently change their passwords stored in it? At least I don't.
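The two comments above argue about what a challenge-response key does against a point-in-time compromise. The following is an added, simplified model (not KeePassXC's real key transformation, and not code from any commenter) of how a password, an optional key file and an HMAC-SHA1 device response can be folded into one master key, with the challenge stored in the database and rotated on every save. The `FakeYubiKey`, `Database`, `composite_key` and `scenario` names are constructed for this illustration; the device secret, key file and challenges are random sample values.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple

# Illustrative construction: master key = SHA-256 over the hashes of
#   - the unlock password,
#   - an optional key file of random bytes,
#   - the device's HMAC-SHA1 response to a challenge stored in the database.
# This is a model for discussion, not the actual KeePassXC/KDBX algorithm.

CHALLENGE_BYTES = 32


class FakeYubiKey:
    """Models an HMAC-SHA1 challenge-response slot; the secret never leaves the device."""

    def __init__(self, secret: bytes) -> None:
        self._secret = secret

    def challenge_response(self, challenge: bytes) -> bytes:
        return hmac.new(self._secret, challenge, hashlib.sha1).digest()


def composite_key(password: bytes, keyfile: Optional[bytes], response: Optional[bytes]) -> bytes:
    material = hashlib.sha256(password).digest()
    if keyfile is not None:
        material += hashlib.sha256(keyfile).digest()
    if response is not None:
        material += hashlib.sha256(response).digest()
    return hashlib.sha256(material).digest()


class Database:
    """Stores the (non-secret) challenge and a key-check value; every save rotates the challenge."""

    def __init__(self) -> None:
        self.challenge = b""
        self.key_check = b""

    def save(self, password: bytes, keyfile: Optional[bytes], device: FakeYubiKey) -> None:
        self.challenge = os.urandom(CHALLENGE_BYTES)  # fresh challenge on each save
        response = device.challenge_response(self.challenge)
        key = composite_key(password, keyfile, response)
        self.key_check = hmac.new(key, b"key-check", hashlib.sha256).digest()

    def unlock(self, password: bytes, keyfile: Optional[bytes], response: bytes) -> bool:
        key = composite_key(password, keyfile, response)
        check = hmac.new(key, b"key-check", hashlib.sha256).digest()
        return hmac.compare_digest(self.key_check, check)

    def unlock_with_device(self, password: bytes, keyfile: Optional[bytes], device: FakeYubiKey) -> bool:
        return self.unlock(password, keyfile, device.challenge_response(self.challenge))


def attacker_can_unlock(db: Database, password: bytes, keyfile: Optional[bytes],
                        captured: Dict[bytes, bytes]) -> bool:
    """Attacker has the password, a copy of the key file and USB-sniffed (challenge, response)
    pairs from an earlier compromise, but does not hold the device itself."""
    response = captured.get(db.challenge)
    return response is not None and db.unlock(password, keyfile, response)


def scenario() -> Tuple[bool, bool, bool, bool]:
    device = FakeYubiKey(os.urandom(20))          # constructed device secret
    password = b"correct horse battery staple"    # constructed sample password
    keyfile = os.urandom(64)                      # constructed key file
    db = Database()
    db.save(password, keyfile, device)
    # Point-in-time compromise: attacker records the challenge/response seen on the bus.
    captured = {db.challenge: device.challenge_response(db.challenge)}
    opened_v0 = attacker_can_unlock(db, password, keyfile, captured)
    db.save(password, keyfile, device)            # owner saves again: challenge rotates
    opened_v1 = attacker_can_unlock(db, password, keyfile, captured)
    owner_v1 = db.unlock_with_device(password, keyfile, device)
    wrong_pw = db.unlock_with_device(b"wrong password", keyfile, device)
    return opened_v0, opened_v1, owner_v1, wrong_pw


if __name__ == "__main__":
    print(scenario())
```

In this model the captured response opens the version of the database it was recorded against, but not a later version, because the stored challenge (and therefore the device response mixed into the key) changed on the next save. It does nothing against an attacker who still controls the machine at unlock time, which is the earlier commenter's point.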
Dropbox works really well with KP and I used it for years. The problem was that I ended up with more devices than Dropbox supported for free so I switched to Syncthing. If you only have three devices use Dropbox.
Syncing with Dropbox worked well for me. When you deal with an adversarial server holding your ciphertexts, you have to be a bit careful with the encryption. But KeePass is good, AFAIK.
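One concrete thing "being careful" can mean when a sync server you do not trust stores the file: the client should reject a blob whose authentication tag does not verify and a blob whose version is older than one it has already accepted. The code below is an added illustration (not KeePass, Dropbox or Syncthing code, and not from any commenter); the encrypted payload is treated as opaque bytes, and `seal`, `SyncClient`, the version header layout and the `"sync-integrity"` derivation label are constructed for the example.

```python
import hashlib
import hmac
import os
import struct
from typing import Tuple

# Client-side checks for a ciphertext fetched from an untrusted sync server:
#   - an HMAC-SHA256 tag over (version || ciphertext) catches modification,
#   - a monotonically increasing version, remembered locally, catches rollback.
# The ciphertext itself is opaque here; real databases use authenticated
# encryption, and this layer is only about what the client refuses to accept.

HEADER_LEN = 8   # big-endian uint64 version
TAG_LEN = 32     # SHA-256 output


def mac_key(master_key: bytes) -> bytes:
    # Derive a dedicated integrity key so the master key is not used directly.
    return hmac.new(master_key, b"sync-integrity", hashlib.sha256).digest()


def seal(master_key: bytes, version: int, ciphertext: bytes) -> bytes:
    """Produce the blob that is uploaded: version header || ciphertext || tag."""
    header = struct.pack(">Q", version)
    tag = hmac.new(mac_key(master_key), header + ciphertext, hashlib.sha256).digest()
    return header + ciphertext + tag


class SyncClient:
    def __init__(self, master_key: bytes, last_seen_version: int = 0) -> None:
        self._key = mac_key(master_key)
        self.last_seen_version = last_seen_version

    def accept(self, blob: bytes) -> Tuple[bool, str]:
        """Return (accepted, reason) for a blob downloaded from the server."""
        if len(blob) < HEADER_LEN + TAG_LEN:
            return False, "truncated"
        header, ciphertext, tag = blob[:HEADER_LEN], blob[HEADER_LEN:-TAG_LEN], blob[-TAG_LEN:]
        expected = hmac.new(self._key, header + ciphertext, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False, "bad tag"            # modified by the server or in transit
        version = struct.unpack(">Q", header)[0]
        if version < self.last_seen_version:
            return False, "rollback"           # server served an older valid blob
        self.last_seen_version = version
        return True, "ok"


def scenario() -> Tuple[str, str, str, str]:
    master_key = os.urandom(32)                       # constructed sample key
    client = SyncClient(master_key)
    v1 = seal(master_key, 1, b"opaque-ciphertext-v1")  # constructed payloads
    v2 = seal(master_key, 2, b"opaque-ciphertext-v2")
    fresh = client.accept(v1)[1]                      # first download: ok
    tampered = bytearray(v2)
    tampered[HEADER_LEN + 3] ^= 0x01                  # server flips one byte
    modified = client.accept(bytes(tampered))[1]      # bad tag
    current = client.accept(v2)[1]                    # genuine v2: ok
    rolled_back = client.accept(v1)[1]                # old v1 again: rollback
    return fresh, modified, current, rolled_back


if __name__ == "__main__":
    print(scenario())
```

The rollback check depends on local state (`last_seen_version`): a freshly set-up device has nothing to compare against, so it can only catch tampering, not a stale-but-valid file, until it has seen at least one version.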
Syncthing improves the security, for instance, just in case a vulnerability creeps into the keepass code.
It works, but I had problems with the Windows Dropbox client failing... silently, so my wife and I would end up with different versions of files, or not being able to "send" them to each other because her client was down and we wouldn't know.
Syncthing works, has no central server to be beholden to, is free, and I have much more stability with it.
KeePassXC supports Yubikey, so you can lock it down strongly!