You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Version: KeyPassXC 7.2.6
Clients: Windows
Database located on a Windows Fileserver (SMB share)
Yubikey 5 NFC
Steps to Reproduce
Remove Yubikey while another user is modifying database. When re-inserting the Yubikey and change something in the data the database will be overwritten without warning and thus meanwhile changes of other users are lost
Expected Behavior
Prevent overwriting if data have changed since last read
Actual Behavior
Database overwrite
Context
We use KeyPassXC in a team and realised that information entered were gone next time it was needed. We even lost access to systems after a password change because the changed password was swapped back to earlier version by KeePassXC. We used the standard settings under File management:
Automatically save after every change
Automatically save when locking database
Automatically non-data changes when locking database
Automatically reload the database when modified externally
Finally found how it happens. If user A has removed the Yubikey and user B changes data then user A will get a warning that database cannot be read after a change. If later user A plugs in the Yubikey meanwhile changes are ignored. If user A changes data then earlier changes of user B are overwritten.
To prevent this to happen we activated then the alternative saving methode to write directly to the database. Now we have a new behavior: Everytime a user is changing data all other users get a message headed "Merge Request":
The database file has changed and you have unsaved changes.
Do you want to merge your changes?
Merge / Discard
However, the other users have no unsaved changes thus usually press Discard. Now, if a user has the Yubikey unplugged when the message appears and clicks on Discard, KeePassXC overwrites the database with a zero byte file immediatly.
The text was updated successfully, but these errors were encountered:
Overview
Version: KeyPassXC 7.2.6
Clients: Windows
Database located on a Windows Fileserver (SMB share)
Yubikey 5 NFC
Steps to Reproduce
Remove Yubikey while another user is modifying database. When re-inserting the Yubikey and change something in the data the database will be overwritten without warning and thus meanwhile changes of other users are lost
Expected Behavior
Prevent overwriting if data have changed since last read
Actual Behavior
Database overwrite
Context
We use KeyPassXC in a team and realised that information entered were gone next time it was needed. We even lost access to systems after a password change because the changed password was swapped back to earlier version by KeePassXC. We used the standard settings under File management:
Automatically save after every change
Automatically save when locking database
Automatically non-data changes when locking database
Automatically reload the database when modified externally
Finally found how it happens. If user A has removed the Yubikey and user B changes data then user A will get a warning that database cannot be read after a change. If later user A plugs in the Yubikey meanwhile changes are ignored. If user A changes data then earlier changes of user B are overwritten.
To prevent this to happen we activated then the alternative saving methode to write directly to the database. Now we have a new behavior: Everytime a user is changing data all other users get a message headed "Merge Request":
The database file has changed and you have unsaved changes.
Do you want to merge your changes?
Merge / Discard
However, the other users have no unsaved changes thus usually press Discard. Now, if a user has the Yubikey unplugged when the message appears and clicks on Discard, KeePassXC overwrites the database with a zero byte file immediatly.
The text was updated successfully, but these errors were encountered: