cyanydeez 2 days ago

KeePass has an option to "encrypt in memory" certain passwords, sensitive information.

The point of encryption is oftentimes about what other software or hardware attacks are minimized or eliminated.

However, if someone figures out access to a running system, there's really no way to both allow an app to run and keep everything encrypted. It certainly is possible, like the way KeePass encrypts items in memory, but if an attacker has root on a server, they just wait for it to be accessed if not outright find the key that encrypted it.

This is to say, 99.9% of the apps and these platforms aren't secure against this type of low-level intrusion.

SAI_Peregrinus 2 days ago

Even KeePass's "encrypt in memory" option leaves that encryption key in memory, so it can auto-type or copy passphrases into form fields. It's an extra step, but not unbreakable.

ErroneousBosh a day ago

And even then the passphrase is put into form fields in plaintext, so there's *got* to be some sort of attack to grab those. They must be in memory decrypted at some point.

It always comes back round to "you can't have your cake and eat it".