Visual KeePass Key File Security

There are at most 120 possible tiles using 9 bits that remain unique under rotation. Making them double-sided gives us a total of 60 tiles to pick from. The algorithm for generating a KeePass key file is as follows:

Randomly:

  1. Pick 36 of the 60 double-sided tiles = 60 permute 36 = 60!/(60-36)!.
  2. Flip each of the 36 tiles to pick a side = 2^36.
  3. Rotate each of the 36 tiles 0, 90, 180, or 270 degrees = 4^36.

This gives us a total of 2^36 × 4^36 × 60!/(60-36)! possibilities, or a symmetric security of 301 bits. KeePass and KeePassXC will hash the key file with SHA-256. As such, we can guarantee a symmetric security for your password vault of at least 256 bits, regardless of the strength of your master password.

Side A and Side B are the exclusive-or of each other, thus creating a perfect "heads" and "tails" pattern.

Side A:

Side B:
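The counts above can be checked by enumeration. The following is an added example, not code from the original page: it assumes each 9-bit tile is a 3×3 grid and that side B is the bitwise complement of side A (XOR with all nine bits set); the function names are hypothetical. It reproduces the 120 and 60 tile counts, the 301-bit figure, and the three random steps using the operating system's CSPRNG.

```python
import math
import secrets

def rotate90(t):
    """Rotate a 3x3 tile (9-bit int, bit index = 3*row + col) 90 degrees clockwise."""
    out = 0
    for r in range(3):
        for c in range(3):
            if (t >> (3 * r + c)) & 1:
                out |= 1 << (3 * c + (2 - r))
    return out

def rotations(t):
    """Return the tile at 0, 90, 180 and 270 degrees."""
    rots = [t]
    for _ in range(3):
        rots.append(rotate90(rots[-1]))
    return rots

def single_sided_tiles():
    """One canonical representative per pattern whose four rotations all differ."""
    return sorted({min(rotations(t)) for t in range(512)
                   if len(set(rotations(t))) == 4})

def double_sided_tiles():
    """Pair each tile with its complement (assumed: side B = side A XOR 0x1FF)."""
    pairs = set()
    for a in single_sided_tiles():
        b = min(rotations(a ^ 0x1FF))
        pairs.add((min(a, b), max(a, b)))
    return sorted(pairs)

def security_bits(total=60, picked=36):
    """log2 of 2^picked * 4^picked * total!/(total-picked)!."""
    return picked + 2 * picked + math.log2(math.perm(total, picked))

def generate_layout(rng=None):
    """Steps 1-3: ordered pick of 36 tiles, then a random side and rotation each."""
    rng = rng or secrets.SystemRandom()  # OS CSPRNG, not the default Mersenne Twister
    chosen = rng.sample(double_sided_tiles(), 36)  # ordered, without replacement
    return [rotations(rng.choice(pair))[rng.randrange(4)] for pair in chosen]

if __name__ == "__main__":
    print(len(single_sided_tiles()), len(double_sided_tiles()), security_bits())
    print(generate_layout())
```

How the 36 placed tiles are serialized into the key file is not specified on this page, so the example stops at the tile layout.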