Preview
Open Original
November 7, 2025, 11:27am 1
I’m finally getting around to properly backing my KeePass DB, and I’ve been trying to determine how best to store everything.
My current plan is:
- Regularly upload my normal DB (DB1 from now on) to one or more cloud providers (possibly encrypted through Cryptomator or Rclone for some obfuscation).
- Regularly upload my encrypted TOTP seed backups in the same way (potentially different cloud providers?).
- Create a separate KeePass DB (DB2 from now on) with just the passwords and potentially TOTP seeds (depends on whether the cloud uses app passwords) necessary to access the cloud storage providers and Rclone/Cryptomator vaults. I’d probably also store the keyfile for DB1 in DB2.
- Burn a couple CDs or something with DB2 and store them in m…
November 7, 2025, 11:27am 1
I’m finally getting around to properly backing my KeePass DB, and I’ve been trying to determine how best to store everything.
My current plan is:
- Regularly upload my normal DB (DB1 from now on) to one or more cloud providers (possibly encrypted through Cryptomator or Rclone for some obfuscation).
- Regularly upload my encrypted TOTP seed backups in the same way (potentially different cloud providers?).
- Create a separate KeePass DB (DB2 from now on) with just the passwords and potentially TOTP seeds (depends on whether the cloud uses app passwords) necessary to access the cloud storage providers and Rclone/Cryptomator vaults. I’d probably also store the keyfile for DB1 in DB2.
- Burn a couple CDs or something with DB2 and store them in my home and at a relative’s home.
Does this sound viable? I’m trying to avoid storing DB1 on the “oh shit everything is on fire and I lost every single one of my devices” local backups since storing a copy at a relative’s place is gonna be a hassle. I’m also debating using a hardware key for DB2, but I’m kind of worried I might lose it or something, and if I just store a backup key at my relative’s place it’s pretty much pointless.