KeePass
Background information: https://www.heise.de/news/Open-Source-Adventskalender-Der-Passwort-Manager-KeePass-6288780.html
Description
KeePass(X) is a tool to store and manage passwords. It is freely available for:
- macOS/Windows/Linux - KeePass: https://keepassxc.org/
- Android: https://play.google.com/store/apps/details?id=com.kunzisoft.keepass.free
- iOS: https://keepassium.com/
How KeePassXC works
- KeePassXC creates, opens, edits and saves password databases, each stored in a single file.
- A password database is basically an encrypted file in which you can store your various usernames, passwords and URLs, as well as attachments such as pictures or other important or private documents.
- A password database can only be opened if you know the master password. The master password is the key to all your stored passwords.
- If you forget your master password, you can no longer access your stored passwords.
- Encryption: the database is encrypted with either the Advanced Encryption Standard (AES) or the Twofish algorithm, using a 256-bit key.
All features: http://www.keepassx.org/features/
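To see which cipher a given database file actually uses, you can read the unencrypted outer header of the file. The following is an added example, not code from this page or from the KeePassXC project; the function names `kdbx_cipher` and `sample_header` are made up for the illustration, and the sample header is constructed rather than taken from a real database.

```python
import struct

# KDBX 2.x+ signatures and cipher UUIDs from the KeePass file format.
# ChaCha20 is not mentioned on this page; KDBX 4 files may use it.
SIG1, SIG2 = 0x9AA2D903, 0xB54BFB67
CIPHERS = {
    bytes.fromhex("31c1f2e6bf714350be5805216afc5aff"): "AES-256",
    bytes.fromhex("ad68f29f576f4bb9a36ad47af965346c"): "Twofish",
    bytes.fromhex("d6038a2b8b6f4cb5a524339a31dbb59a"): "ChaCha20",
}
END_OF_HEADER, CIPHER_ID = 0, 2


def kdbx_cipher(data):
    """Return (major format version, cipher name) from a KDBX outer header."""
    if len(data) < 12:
        raise ValueError("too short to be a KDBX file")
    sig1, sig2, _minor, major = struct.unpack_from("<IIHH", data, 0)
    if (sig1, sig2) != (SIG1, SIG2):
        raise ValueError("not a KDBX database (bad signature)")
    # Fields are id (1 byte), length (2 bytes in KDBX 3, 4 in KDBX 4), value.
    len_fmt, len_size = ("<I", 4) if major >= 4 else ("<H", 2)
    pos = 12
    while pos + 1 + len_size <= len(data):
        field_id = data[pos]
        (length,) = struct.unpack_from(len_fmt, data, pos + 1)
        start = pos + 1 + len_size
        value = data[start:start + length]
        if len(value) != length:
            raise ValueError("truncated header field")
        if field_id == CIPHER_ID:
            return major, CIPHERS.get(value, "unknown cipher")
        if field_id == END_OF_HEADER:
            break
        pos = start + length
    raise ValueError("no cipher field in header")


def sample_header(major, cipher_hex):
    """Constructed input: signatures, version, cipher field, end marker."""
    len_fmt = "<I" if major >= 4 else "<H"

    def field(fid, payload):
        return bytes([fid]) + struct.pack(len_fmt, len(payload)) + payload

    return (struct.pack("<IIHH", SIG1, SIG2, 0, major)
            + field(CIPHER_ID, bytes.fromhex(cipher_hex))
            + field(END_OF_HEADER, b"\r\n\r\n"))
```

To check one of your own databases, call `kdbx_cipher(open(path, "rb").read())`, where `path` points to your .kdbx file. The header is stored unencrypted, so no master password is needed for this check.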
Using KeePassXC on the Thinlinc terminals
- Start KeePassXC:
  - Ubuntu / Thinlinc: Applications > Accessories > KeePassXC
  - Command line: keepassxc
- You can use the same password database on different computers if they have KeePassXC installed.
- When opening KeePassXC with a database, you will be asked for the master password of the file.
- When a password database is open, KeePassXC "locks itself" after a certain amount of time. After that you have to unlock the file again with your master password.
- You can hide/view usernames and passwords by clicking on "View" --> "Hide Usernames" and "View" --> "Hide Passwords".
- You can right-click on an entry and choose "Copy Username to Clipboard" or "Copy Password to Clipboard". You can then paste the password. After a few seconds, the password is no longer stored in the Clipboard.
Creating a Password Database
- Click on "File" --> "New Database..."
  - You will be prompted to set a master key. Enter your master password (the master password for all your other stored passwords). Then click "OK".
  - Repeat your master password. Click "OK".
  - Choose a group. (Standard choices are Internet or eMail. You can also create your own groups.)
- Click on "Entries" --> "Add New Entry..."
  - Enter the information you need:
    - Title: a short description of the entry
    - Username: your username
    - URL: the website on which you need the password
    - Password: your password
    - Repeat: repeat your password
    - Comment: a longer description of the entry
- Click on "File" --> "Save Database"
  - Choose a location and a name for your password database. Click "OK".
Best practice: Sync Database via cloud
- Only use a cloud service if you need to sync your passwords across several devices.
- Decide on your own:
  - Pro 'cloud':
    - All of your confidential data is available on all devices.
    - Backups are created automatically.
  - Contra 'cloud':
    - If your cloud access or the cloud service provider is compromised, the thief owns the treasure.
- US-based cloud providers like Google Drive, Dropbox, Apple iDrive, Microsoft OneDrive:
  - Those services are very attractive to hackers.
  - The NSA has the right to get all data from US companies. After Snowden, it is certain that the NSA is not friendly.
  - Rule of thumb: Don't use US-hosted or US-company-based services for confidential data.
- Local cloud storage providers:
  - https://drive.switch.ch - Switch Education cloud service - switchdrive
  - drive.math.uzh.ch - I-MATH
- How to:
  - On all devices where you would like to sync your KeePass database file, install and configure drive.math.uzh.ch.
  - Open the KeePass database file on all of your devices directly from the cloud folder.
Browser integration / MFA Setup / Passkeys
- KeePassXC can be used from within a browser (Chrome, Chromium, Firefox, Vivaldi, Brave, ...).
- The browser connection to KeePassXC is convenient: different browsers offer the same accounts/credentials, and if the database is synced via cloud, then also on different computers.
- TOTP service (one time token).
- Passkeys support.
Finally: no more MS-Authenticator app needed, no more single device dependency, login to any MFA protected website without a mobile phone.
Activate Browser Integration
Settings > Browser Integration > Enable integration ...: Chrome, Firefox, ...