This one is worth at least three dagnabbits, a golly gee and two daggums.

I use KeePass, or some of it’s forks, flavors and versions, for password management. I store the database locally on each device and keep them synced between devices with Syncthing.

I got a notice that a password on one of my accounts had been compromised. So I went to that website on my desktop, logged in, changed my password, and updated the entry in KeePass, saved and quit the application. I checked my phone to see if the change had propagated there…it hadn’t.

I started poking around, making sure Syncthing was running, I went so far as to copy the database on my PC somewhere, delete it from both systems, and then put it back on my PC to see if I could get it to resync the whole file at once. The change didn’t propagate.

Somehow I ended up in Keepass’ settings menu on the phone, and noticed an option called “Database Caching.” Turns out, it had copied the database to the app’s cache directory, and it was pulling from there rather than the actual file. I guess assuming that the database would be stored in the cloud or something, rather than in the device’s onboard storage.

That’s 25 minutes I’m not going to get back, and now neither will you!

  • Zarobi@aussie.zone
    link
    fedilink
    English
    arrow-up
    1
    ·
    19 hours ago

    I had this same problem… it’s a problem inherit to all password managers actually. Even proprietary cloud based ones like Bitwarden to some extent.

    Fundamentally, it’s a bad user experience if you have to redownload, parse, load, verify, the entire database each time you need to use a password. Most phones block this kind of activity in the background as well to save power. So it caches it and only updates this cache occasionally. Ideally there would be some sort of pub/sub situation that updates the cache automagically but this doesn’t seem to be the case.