Two-channel AT obfuscation is currently broken in Keepass with Windows 8.
The resulting passwords don't match the stored ones. (I can confirm this definitely for Windows 8.1 + KeePass 2.24 & 2.24 )
I have yet to find out about the concrete cause ...but i have a strong suspicion that this is related to Windows 8's policy to disallow UIAccess ( applications sending keystrokes ) for non-trusted applications.
The requirements for a "trusted" application are: - software has to be signed - software has to provide a manifest - software has to be stored in a "safe" location ( Program Files , Program Files (x86 )
PLEASE include an option to make two-channel obfuscation optional and not auto-enabled on every settings-save. While you can manually remove the checkmark after storing settings and save the entry again ... this is pretty annoying currently.
Just leave it up to the user if the wants the TC passwords pasted with two-channel obfuscation. Though generally a good idea ... most users don't use it anyway as it's not checked by default for new entries.