|
||||
|
General InformationKeePass 2.x has an option (in 'Tools' → 'Options' → tab 'Security') to show master key dialogs on a different/secure desktop (supported on Windows 2000 and higher), similar to Windows' User Account Control (UAC). Benefit. Most currently available keyloggers work only on normal desktops; they do not capture keypresses on secure desktops. So, on a secure desktop, the master key is protected against most keyloggers. Limitations.
Compatibility. The option is turned off by default for compatibility reasons (some problems are mentioned below). Why does a desktop switch occur during entering the master key?Symptoms. While entering the master key for a KeePass database on the secure desktop, a switch to a different desktop occurs. KeePass then displays a message 'An application has switched from the secure desktop to a different desktop.', and offers to switch back to the secure desktop. Reason. A different application is causing the switch. For example, users have reported the following applications to cause desktop switches:
Solution. Unfortunately, KeePass cannot prevent other applications from switching to a different desktop. Therefore, the only solutions are to either turn off the secure desktop option of KeePass (in 'Tools' → 'Options' → tab 'Security') or terminate the interfering application. Why does the Input Method Editor (IME) not work?Some Input Method Editors (IMEs) are incompatible with secure desktops. Trying to show such an IME on a secure desktop can result in problems (black screen, IME/CTF process with high CPU usage, ...). In order to avoid such problems, KeePass disables the IME when switching to a secure desktop (and this may also disable it on the normal desktop, depending on the Windows version). If you need the IME for entering the master password, turn off the secure desktop option as follows:
On the normal desktop, the IME can be used as usual. Can the desktop be locked?The Windows desktop can be locked by pressing Win+L. This also works on a secure desktop.
|
|
||