27 lines
1.3 KiB
Markdown
27 lines
1.3 KiB
Markdown
# KDBX Security Compatibility
|
|
|
|
KeePassGO supports the following KDBX security workflows today:
|
|
|
|
- open and save password-only vaults
|
|
- open and save key-file-only vaults
|
|
- open and save composite password-plus-key-file vaults
|
|
- preserve the original opened vault's KDBX format version during save
|
|
- preserve the original opened vault's cipher selection during save
|
|
- preserve the original opened vault's KDF selection during save
|
|
|
|
What "preserve" means:
|
|
|
|
- if a vault is opened through a managed session and then saved, KeePassGO reuses the opened vault's KDBX header configuration instead of replacing it with default header settings
|
|
- this applies to local and WebDAV-backed vault sessions
|
|
|
|
Current explicit limitations:
|
|
|
|
- KeePassGO does not yet provide a UI for editing cipher or KDF parameters directly
|
|
- new vault creation still uses the library default KDBX header settings for freshly created databases
|
|
- unsupported or unknown header fields outside the preserved header structures are not guaranteed to round-trip if they are not represented by the underlying library
|
|
|
|
Practical expectation:
|
|
|
|
- existing KeePass/KeePass2Android-compatible vaults keep their major format, cipher, and KDF family when edited and saved through KeePassGO
|
|
- KeePassGO does not yet try to be a full advanced database-settings editor
|