steelej

There are several points to consider. Your PC database does NOT need to be on Onedrive - it can be local. It should be separate from the shared copy. The recommended way is to use triggers to synchronise your PC database to a central database whenever you open or close your PC database. That central database needs to be in the cloud e.g. on onedrive. On your phone you can open the onedrive copy and see all of your most recent entries. If you allow updates to the database from your phone these will...

Storing the database file in Onedrive does provide the very significant benefit is that it isautomatically backed up to an external server. For it to storethe database there you must actually have access to Onedrive but that tends to be created when you create your Microsoft account which cab be difficultto avoid these days. There is no security issue with storing the Keepass database file on Onedrive, or any other cloud service, due to the level of encryption used onthe database.

So you phone gets stolen. What additional protection does your keyfile provide?

I think it should be mentioned that the only benefit of having key file is adding an additional layer of security. To be effective this key file must NEVER be just a file on the same device as your Keepass database file. On a phone that is usually difficult to achieve. A Keyfile should be on a memory stick, which is removable media and only inserted when needed, or perhaps on a network drive to add any additional security benefit. Tricky on a phone! If it is on the same device, e.g. your phone or...

This should be posted as a new question rather than hijacking a post for a completely different topic. You might get more helpful answers.

It does not matter if your KeePass data file is copied anywhere. It can only be opened with your password. The password needs to be around 15 characters (from memory) to defeat brute force attacks. This password length may have changed as it is a while since I have seen the analysis from people who are more familiar with the encryption method used. The database encryption is all the protection you need provided your KeePass PASSWORD is never published, or stored on your device in any format. You...

This is not the KeePassXC forum. This is for the original KeePass support. KeePassXC is a different program.

I would also suggest considering using a cloud service to synchronise to rather than a local copy. That way you have an always available off-site backup of this very important file. Any cloud service would be suitable. The inherent strong encryption of the Keepass database makes this perfectly safe provided you have a reasonable length password. I synchronise my Keepass file between two local computers and a version of KeePass running on my Android phone. I have been using this process for many years....