Applies to windows clients like Vista, 7, 8 What are the security consideration when running a tool that has a passwort parameter from a URL in keepass.
Is it completely moronic to do so or is it "safe enough" if your machine is reasonably secure (up to date virusscanner with trojan detection etc, local firewall, encrypted hdd).
Reason is, i would like to keep credentials for any sort of system in keepass and open the connection by running the URL so i could connec to for example to a LDAP directory with ldapadmin.exe, SSH via Putty, WinSCP with an addon for it and also Windows Remotedesktop connections via a special command line tool.
I am however weary and would like to be able to make a case against security conscious coworkers or IT security staff.
So in sum: how secure or unsecure is it to run windows tools from KeePass passing the password as a command line parameter. Autotype is often tedious and if it really really is safer i do doubt as it is something passing the windows event qeue and thus potentially easier to grab.
Thanks for your time spent on elaborating a reply :-).