KeePass kdbx on google drive and keepass2android, how to revoke access?

M

MaxBurn

[H]ard|Gawd
Joined
Nov 14, 2004
Messages
1,108
I'm testing for a business and I loaded the portable version in google drive no problem. Also loaded the android app keepass2android and mounted the database no issue.

The problem is when I delete the share in google drive (like we let an employee go) the android app still has access to the local copy of the database, it never gets deleted. It does signal an error in syncing but still allows access through the stored copy.
 
Why are you relying on a password manager for a business/enterprise whose data you don't store on local hardware on an application not designed for what you are trying to do?

Enterprise | LastPass

Get your client to spring for this and be done with it. Liability if something happens is no longer on you and you won't waste countless hours trying to support a solution where you tried to fit a square peg in a round hole.
 
TCM2 said:
Remove the local file?
Click to expand...

Come to think of it we would be repossessing the employees phone and laptop where this stuff is. Then I guess I could change the master pass and revoke their drive share a couple days later for good measure.

ComputerBox34 said:
Why are you relying on a password manager for a business/enterprise whose data you don't store on local hardware on an application not designed for what you are trying to do?

Enterprise | LastPass

Get your client to spring for this and be done with it. Liability if something happens is no longer on you and you won't waste countless hours trying to support a solution where you tried to fit a square peg in a round hole.
Click to expand...

Money. The company I work for is pretty small and something free would go a long way. Personally I have used lastpass for about three years now and 1password before that. I don't see how any password manager stops people from copying information out but I do appreciate how the two could answer the specific question I asked.
 
MaxBurn said:
Come to think of it we would be repossessing the employees phone and laptop where this stuff is. Then I guess I could change the master pass and revoke their drive share a couple days later for good measure.
Click to expand...

Be sure to test for the case where the employee just quits showing up for work and the devices are not returned. I have seen it happen. Either they don't care about having a police report filed or they can't comprehend that taking a company's stuff equals a crime.
 
I'm beginning to think that changing the master password is the way to go. Keep the google drive share for a month or so thus letting their app pull the new database with the password they don't have thus locking them out.
 
You must log in or register to reply here.
Back
Top