What is Reddit's opinion of
Keepass2Android Password Safe?
From 3.5 billion Reddit comments
Popularity Score: 275
This app was mentioned in 397 comments, with an average of 5.65 upvotes
Best Comments
Keepass, storing the .kdbx files on Google Drive or Dropbox.
- Free
- Doesn't break in android apps (using Keepass2Android, seriously these guys figured it out, why can't lastpass or 1password?)
- Syncs across all your computers and devices (and there's a chrome plugin so you can use the synced files)
- Has a way to log in on a public computer... not really unless you can get your own chrome window started
- Never takes more than a second to log in... usually my stuff takes about a second
KeePass2Android. Before installing this app, I hated creating new accounts because it would force me to memorize another complex password. Using the same password for every site is insecure, so that wasn't an option. Now that I'm using a password manager, I only have to remember a small number of secure passwords. KeePass2Android changed my digital life by making it more secure and less dependent on my memory.
>free, noninvasive manager
KeePass
>that syncs across all my computers and devices,
put the kdbx file in your dropbox folder
>doesn't break in Android apps,
Keepass2Android works with copy/paste or with its own more secure keyboard for android (you literally click a button username and a button password and it's on the fields by themselves)
>has a way to log in on a public computer,
you're asking to have your passwords stolen, you shouldn't enter any sensitive info on a public computer but if you want to have them stolen you can use Keepass on the public computer, it doesn't need any special privilages, portable, run, open kdbx, done on getting your passwords stolen
>and never takes more than a second to log in.
Literally 1 second difficulty is the recommended by KeePass (it has an 1 second button), you use that 1 second to avoid brute forcing
Keepass2Android is great, and also free/open source. It even has a PC version that you can sync via Dropbox or Google Drive.
I use Dropbox; on Windows, you have the Dropbox sync app; on Android, I use Keepass2Android which has a Dropbox option for accessing the file.
I'm using Keepass2Android Password Safe that's compatible with Keepass file and works with file in cloud: https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Keepass2Android Offline is the offline version for local database: https://play.google.com/store/apps/details?id=keepass2android.keepass2android_nonet
Both are free and without ads.
I personally like Keepass2Android better because of the QuickUnlock and the K2A Keyboard.
https://keepass2android.codeplex.com/
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I've been using Keepass2Android for a while now and never had any issues with it. Opens your keepass file directly from GoogleDrive/OneDrive/Dropbox or local storage, allows you to copy username and password from a notification, auto-locks the database if you forgot about it. I think the only negative thing I could say about it is that it is that its password generation doesn't remember what you set it to last time.
I personally use Keepass2Android.
There's better QoL features than Keepass Droid.
- Resync the database file from your cloud provider automatically.
- Use the Password Manager API of the recent Android versions. (So you have a Fill with password manager that pop up on login prompts (Even in native apps)
- Restrict the app to work with internal cache only.
- Quick Unlock (Keep the database unlocked in BG and require your fingerprint / password to unlock it without having to wait for the key rotation.) Technically less secure but QoL toggleable feature.
- Fingerprint unlock.
I really like it now and can't go back to Keepass Droid.
Both are opensource too.
Keepass2Android supports 2.x file format.
You can have your file synced with Google Drive or anywhere else on your phone.
I suggest using KeePass 2. Save your database in Dropbox. Use KeePass2Android on your phone. Set Dropbox on your phone to keep an offline copy of the database file and KeePass2Android can be set to use it.
Any computer you have Dropbox on will be able to use the database. If you add a new key on your phone or on any computer, the database will be automatically synchronized.
Works wonderfully.
I use Keepass2android. I also use keepass on windows and everything else.
I've used the desktop and IOS versions for years and been very happy. I've used Keepass2android since i got my S8 a couple months ago. Also happy with the app.
If you want to be truly independent with the password manager, I would suggest KeePass.
It is open source, available for almost any device, be it Windows, Linux, macOS, iOS or Android (app name is KeePass2Android and it supports Android's AutoFill), has secure encryption for your password files, over whom you have full control yourself and can synchronize them via any cloud service you prefer, or only manually if you prefer.
Gibt für Android entsprechende Clients. Du brauchst nur deine persönliche kdbx-Datenbank auf den Androiden zu kopieren und dann dort öffnen.
z.B. https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Keepass2android with the kdbx file hosted on Dropbox. MacPass on my laptop accessing the same file. Can't believe I only started using this last year. Cross platform, instantly backed up, and free.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I use KeePass2Android and recommend it. It's free and open source. It stores the db in the cloud on the service of your choosing, (encrypted, of course) and shares the db with KeePass on your computer.
I don't know anything about accessibility.
to be on the safe side you could use the keepass android keyboard when typing the seed which is open source and doesn't store stuff
I've been using KeePassX for a while now. You can use that on any computer you own whether it's a Windows, Mac, or Linux machine. It uses KeePass2 databases (.kbdx files) that you can also open in various other password managers, including Android ones (I'd assume there are some for iOS and Windows mobile phones but I honestly don't know).
It doesn't look very pretty but it does what it's supposed to. Only thing that I dislike about it is that it's using a folder structure instead of a tag structure for organising passwords, meaning you can't have the same password entry displayed in two different locations.
Keepass2Android is Open Source and also has an offline version that doesn't require the internet permission.
Check out Keepass. It's available for every platform.
For Android I recommend using Keepass2Android Password Safe.
You can sync them via various methods such as FTP, Dropbox, etc.
KeePass is opensource and so the source code don't have any backdoor and the encryption / implementation is checked often. You can use it with any os. If you need sny feature you can use the password file with Dropbox. For Android I recommend https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
Ios:http://minikeepass.github.io/
Deepening of the app you use you can use 2nd factor authentication or your fingerprint for temporary unlock the file.
I use Keepass for Android. It's an encrypted file with my passwords inside, I just need the password for the encryption (which I can bypass with my fingerprint).
It comes with a keyboard. When I need to access a password I just change keyboard, press a padlock button on it which opens the app. I input the password for encryption (my fingerprint) and select the one I want.
It flips back to the app I was using but the keyboard now only has 2 buttons: username and password.
I love it. The encrypted file is in Google Drive so I can access it with any of my Android devices, or use the program on any computer too.
It also has a password generator and an option to automatically pull a password when you need it (but the passwords are then tied to the app you require it for. I swap apps a lot so it's useless to me) accessable from the notification share.
It's also free and open source. https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Another vote for KeePass here.
I use Keepass2Android on my phone/tablet, and the Windows version of KeePass 2 on my work & gaming PCs, then keep my data file in a dropbox folder so that all my changes, no matter if I do them on desktop or mobile device, are automatically synced between all devices. Seamless!
Take a look at KeePass2Android
https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
I personally use the offline version (https://play.google.com/store/apps/details?id=keepass2android.keepass2android_nonet&hl=en) with the DB set as a favorite in Dropbox which keeps a local copy synced to my device. The keyboard that accompanies this app is awesome as well.
I prefer Keepass2Android for the interface and sync abilities. It also include a keyboard to input the username/password without using the clipboard (which can be potentially exploited).
It's also open-source but unfortunately not available on F-Droid.
I personally use Keepass2Android Password Safe which is also open source and it's community seems to be somewhat active (I don't hang around the repo too often), and so far I hadn't had any issue with this app.
About syncing a database, well, K2A can use some cloud providers to accomplish that (Dropbox, OneDrive, Google Drive, OwnCloud), even some protocols (FTP, SFTP, WebDAV), or from your SD Card.
As always with this kind of decisions, it's up to you which method is suitable to your needs and requirements, as not everyone is eager to store the kdbx on a cloud provider.
In my case, I'm using the syncing via Dropbox, and I'm ok (so far) with that. The setup is easy, also I dont need to have Dropbox installed in order to work with it (IICR it uses the Dropbox API), and the access to the Dropbox account can be limited to the app folder, or total. Again, that's up to your requirements.
As an alternative, I'd suggest
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
which can be synchronized through a bunch of cloud services (Gdrive, Dropbox... even Owncloud). Then you can use KeePass/KeepassX to sync passwords with your laptop/PC, if you want.
I use Keepass+Google Drive.
Keepass2Android - The Android app I use.
Keepass.info - The program I use on my PC.
I'm using keepassxc for my linux devices and keepass2android for my android devices. They both use the same file which is synced through an owncloud server I have. :)
it's free and open source
db is locally stored
you can store db on Google Drive, Dropbox etc.
fingerprint unlock
it's cross platform (linux, windows, osx...)
You really shouldn't use the same password for different things.
Get a password manager, and create a unique password for each website/service. I use Keepass on Windows, Keepass2Android on my phone/tablet, and store the database in a Dropbox folder on all devices so they're all automatically synced.
Just make sure to use a secure password to your Keepass database and don't forget it - write it on a piece of paper and store it somewhere safe if you must.
Storing passwords in plaintext is a very bad idea. I suggest you try using this and sync your database where you need (you can use Google Drive)
Some days ago Keepass2Android got a beautiful Material update. And it's free. He has a donate option though, where he asks for a beer.
KeePass works by storing your passwords in an encrypted file that you control and can backup. If you store that file on a cloud storage provider like Dropbox, you can then open the file from multiple devices.
I use Keepass2Android on my phone, it has built in support for files stored on Dropbox, and it caches the file locally so it works without internet after the first use.
KeePass2Android, not that its ugly or needs it, its functional enough and does ok.
It is open source and kudos to dev to keep it updated, it supports the native oreo auto-fill and has made my life easier.
KeePass2 (e KeePass2Android) con db remoto e keyfile locale. Ha le estensioni per browser, il generatore di password, è free e opensource.
Keepass è amore.
Il mio è perfettamente organizzato in sottocartelle con le icone belle in oprdine e ci tengo dentro anche altri file quali scansioni dei documenti, carte di credito, ecc.
Master password bella complessa ma facile da ricordare e facco generare a lui tutte le password per i vari siti che mi servono (in pratica ormai non conosco nessuna password dei miei account).
Ogni 3, 4 mesi (o ad ogni modifica al db molto importante) mi faccio una copia del file in un'altra posizione (una su Gdrive e una su Onedrive).
Con Keepass2Android ho il mio file sempre a disposizione anche sul cellulare (e quindi anche le fotocopie dei documenti).
Lascia stare i vari plugin all'inizio (soprattutto quelli di autocompletamento che tanto per inserire i dati basta un doppio click su username o password). L'unico che uso è quello per scaricare le favicon dei siti.
EDIT: ed ovviamente all'inizio, per spingermi ad utilizzare keepass, ho disabilitato il salvataggio in automatico delle password nel browser. Per alcuni siti lascio comunque la spunta su "ricordami" in modo che la sessione si sempre aperta ma il browser non ha memorizzato la password.
This is what I use as well. Although I use Keepass2Android on my phone.
You can "cloudify" KeePass by putting your kdbx file on a service like OneDrive. If you do this, I recommend generating a key file to open it that's NOT stored on the cloud, only on devices you use to access your kdbx file.
and also for mobile,
(only the ones I have personally tested, there are others)
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
https://play.google.com/store/apps/details?id=com.hanhuy.android.keepshare
Ich selbst verwende Keepass2Android in Verbindung mit Dropbox. Wird hinreichend gut gepflegt, unterstützt die Freigabe mittels Fingerabdruck und macht einen sehr gelungenen Eindruck.
​
Heise dazu:
>Für Mobilgeräte gibt es keine offiziellen KeePass-Apps, sondern Community-Entwicklungen. Durch das gelungene Material-Design-UI und die einfache Nutzung fällt hier „Keepass2Android“ positiv auf.
>
>Auf Wunsch kommt Keepass2Android mit eigenem Screen-Keyboard, was einem möglichen Angriffsvektor durch Tastatur-Apps vorbeugt.
​
Letztendlich muss man natürlich in jede dieser Apps (auch in KeePass selbst) ein gewisses Maß an Vertrauen einbringen. Theoretisch wäre es immerhin möglich, dass mittels Backdoor DB und Passwort vom Entwickler ausgeleitet werden.
KeePass for all you open-source people.
For free on every platform, and can sync all your passes.
[www.keepass.info](www.keepass.info) (yeah, doesn't look that fancy)
And KeePass2Android for Android
And KeePass Touch for iOS
Open source and I've been using it for a while now with no problems. You can easily create backups to store anywhere you'd like. https://keepass2android.codeplex.com/
Yes, Keepass2Android works really well on Android and can sync the database with a server using Dropbox, Google Drive, SkyDrive, FTP, or WebDAV.
I'm a KeePass user too and can only recommend it.
I especially like that I can use the same password DB with Windows, Linux (using KeePassX) and Android (Keepass2Android).
It's very convenient to use too, you simply go the login page, Alt+Tab to KeePass, then hit Ctrl+V and you're done (username and password will be typed in automatically). You can also use Ctrl+C, which will put the password in the clip-board and then erase it again after few seconds.
Remembering on which sites I've already signed up and with what username is a lot simpler for me now too.
KeePass2 on desktop.
Keepass2Android on Android.
You can sync the KDBX file between desktop and phone by your preferred solution, such as Dropbox or Google Drive, etc. I'm using FolderSync to download to phone once a day, as the only place I create new entries is desktop.
Für Android Geräte ist Keepass2Android ziemlich geil. Bringt zum Beispiel auch die Synchronisation mit Dropbox mit.
Keepass can copy your passwords to the clipboard, so you can basically paste them anywhere, including your game clients.
There's a good Android app available as well. It includes a custom keyboard, allowing you to 'type' your passwords (or just copy them). It can sync with the file on your PC by using any cloud provider you choose. The iOS apps are less impressive imho.
Edit: typo
Wie andere hier kann ich KeePass sehr empfehlen. Hier kann man es runterladen.
Das wirklich praktische, hier noch nicht genannte an dem Programm ist, dass man seine (verschlüsselte und dadurch absolut sichere) Passwort-Datenbank in automatisch synchronisierten Ordnern ablegen kann (z.B. von Dropbox, OneDrive, GoogleDrive, Box, etc.). Dadurch kann man immer und überall auf seine Passwörter zugreifen. Keepass gibt es auch als portable Version, das heißt, man kann es auf einem USB Stick mitnehmen und muss es auf anderen PCs nicht mal installieren.
Besonders praktisch wird es, wenn man noch die Android App https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=de verwendet, und von dort zur gleichen Datenbank synched.
Sorry für die Werbung, aber m.E. sollte jeder das Programm nutzen.
Chris, what is the problem with KeePass? Have you checked keepassXC? https://keepassxc.org/
In android I use: Keepass2android https://play.google.com/store/apps/details?id=keepass2android.keepass2android
LPT: Using KeePass 2 in combination with Dropbox and Keepass2Android, you can stop worrying about having vulnerable passwords in your phone, as the app allows you to paste the passwords with the tap of a button.
I've never used it, but I opened up Keepass2Android Store link here and played around with the settings in the app until I found mention of TrayTOTP.
Looks like it's a plugin for the desktop version? Sourceforge link here.
> on my android I use KeePassDroid
I used to use it, but now I prefer Keepass2Android. It looks a lot better, and I find it nicer to use.
Keepass2android is the not official but definitely sanctioned android app. I use it and it works famously.
Su PC sincronizzando la cartella del db in locale tramite l'app di Google. Su android pensa a tutto Keepass2Android
KeePass is a free password manager that's worth using, and there is an Android version too for your phone. (I believe there are compatible iOS apps if you have an iPhone, but have no personal experience of them). If you store the database file in a Dropbox folder (and install Dropbox on your phone and PC) it will auto-sync between your devices.
Then you can have a unique login for every service you use (just don't forget the master KeePass password, or you're really screwed!), which is highly recommended. And don't forget to enable 2-factor authentication on those important accounts (email, bank accounts, etc).
Look on the bright side - they could have hacked into your bank account or, potentially worse, your email account, which could have been disastrous.
On Android I use Keepass2Android, which is open source. You can open your database directly from your Google drive (or other cloud storage) and synchronise any changes back to it. After opening a database you can set it to open with your fingerprint, if you wish. It supports Android's auto complete feature in login fields, which is awesome.
On iOS I use Minikeepass, which doesn't sync back, so I download database from cloud drive, Open with Minikeepass and use it "read only" basically.
For Android I use Keepass2Android, never had any problems with it. Apart from that I use Kee with Firefox.
And here's the Windows client.
I've had zero problems with heat on this phone, so my answer would be a solid no.
> Edit: I just want a simple and offline app. I don't need cloud backup :)
Keepass2Android then. Uses FOSS Keepass database format.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Yeah in conjunction with Keepass2Android you can store it somewhere safe and still be able to access it from your phone, PC,...
There is an Android app for it called keepass2android that syncs with all the popular cloud services.
On the desktop one elegant solution I've started using is to setup [rclone](www.rclone.org) with Google Drive and make a small script that syncs my password file with Google Drive. I also made a desktop icon for the script so I just need to click whenever I need to sync.
Keepass is a great solution to manage passwords. Just put the key file in something like Dropbox and you can access it from any device, always in synch. Fingerprint sensor works, also.
There is no need to pay with KeePass.
KeePass2 on windows is open source. It has all the tools you need to customize and build a password management database that is under your control and your personal preference.
KeePass2 has a bunch of plugins, one of them is Google Drive Sync, you can use that and sync the database with Gdrive. On android you can find KeePass2 for Android on the playstore and it already has built in Gdrive sync capabilities.
Both use autofill as well.
I Haven't experimented with 2FA, but I think there is a plugin for keepass2 that allows you to setup 2FA.
What help do you need?
Keepass is pretty straight forward to use. Create a new database and use a good strong password + a generated key file. Save your database file to whatever cloud storage provider you use (dropbox/drive/etc.). NEVER SAVE YOUR KEY FILE TO THE CLOUD. Instead manually copy the key file to all the devices you plan to access the password manager from. For super security, set the database to use Argon2 + ChaCha20 and click the '1 second delay' to automatically adjust the key derivation function settings so that it takes ~1sec to unlock your database.
Personally I don't use any addon to integrate KeePass with my browser. It's much more secure to just copy or auto-type the password directly from KeePass. However, for convenience, you could use a browser addon to autofill passwords.
For your android device, I'd recommend using Keepass2Android. Make sure to use the included keyboard for entering passwords on your mobile device. Cut and paste is not a secure way to enter passwords on mobile, because all your apps have access to the shared clipboard.
Sounds like you were using KeePass v.1.x?
- KeePass 2.x handles simultaneous database use on multiple devices beautifully. I've never had any issues with database duplication/corruption.
- the KeePass2Android app is pretty good, and seems to compare favorably to the competition considering Team-Sik findings.
- Lack of browser support is a feature not a bug. I can't understand anyone in their right mind wanting to extend the security perimeter for all their passwords to the browser (i.e. the least secure and most exposed software on their system).
I used Keepass2Android before I switched to LastPass.
It was actually a pretty good setup, I had my database on my Google Drive account and loaded it from there on all my devices so everything was synced.
The main reason I switched was that I was trying out a bunch of different solutions for ~1 week each to see which one I liked the most and I liked LastPass' integration into browser.
(And also, I play a lot on my phone so when it's dead I wanted to be able to still see passwords if I borrowed someone's pc. I don't think KeePass can do that?)
If you're concerned about using LastPass or something similar, I'd definitely recommend KeePass.
I use KeePass2 for all my passwords. It does have Android apps, I use Keepass2Android. I also use Google Drive and OneDrive to store back ups and synchronize the database.
I have a key file that is stored local only on my phone/computers that is used as part of a composite key to unlock it.
I also have 2 encrypted USB thumb drives with backups; one at my home and another offsite just in case.
There are still probably holes in this somewhere which someone may point out (please do) but I'm 80% confident that this should be safe unless someone REALLY wants to fuck my shit up.
Version supporting cloud sync: https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Offline version (https://play.google.com/store/apps/details?id=keepass2android.keepass2android_nonet) actually was made to satisfy paranoics.
Anyway, you can open database file from Dropbox cache manually and it would work flawlessly. That's how I use it on my Windows and Linux PCs.
Look up keypass man, its fantastic, and Titanium Backup can save you a lot of time too.
Keypass will keep all your passwords in an encrypted file which will unencrypted with a password. To make it even more secure and usable cross device I keep the file in Google Drive, which requires my Google password and 2 factor authentication using the app.
The problem with the 2 factor is I keep the Authenticator app on my phone. When I factory reset my phone I would need to sign into Google, download the app and then set it up again, and I need the Authenticator app or a code to sign in.
To get around this I have the Authenticator app saved using Titanium Backup as a zip file that is flashed in recovery.
My basic flash is: Factory reset, flash ROM and gapps if required, boot, setup without signing into Google, reboot into recovery, flash Authenticator backup zip, reboot. Then open Titanium backup, restore old id (reboot). Restore Authenticator settings from Titanium and sign into Google. Restore other apps in Titanium and sign in to the ones that have forgotten passwords using Keepass.
It sounds long winded, but it's a couple of flashes and a couple of reboots. The longest wait is the ART boot and Titanium Backup restore.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
If you haven't tried it, give a try to KeePass2Android. It comes with its own keyboard which allows you to type usernames and passwords without using the clipboard.
It also come with cloud syncing builtin, and make sure you have a cached copy in case network access isn't available.
😀 the KeePassXC variant here and Keepass2Android
no on-line account required, and does not save to the cloud
use it how you want: auto-type, global shortcut key, copy/paste, optional browser add-on
has a "Notes" box (for whatever text you need)
can handle TOTP too (two-factor authentication codes)
and lots more (search box, password generator, multi-platform, portable versions, ...)
Before password managers became popular I was using an encrypted spreadsheet, I find KeePassXC so much easier and neater.
Tens alternativas que funcionam :)
Eu usava este:
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
É inclusive um dos recomendados pelo keepassxc:
I agree that the Keepass ecosystem has pretty bad UI, but FWIW - there are Keepass apps for Android. Here is one of several: https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en_US&gl=US
I just remember there is a separate version of Keepass2Android, specifically for Offline only use, as you prefer that.
Take a look at https://play.google.com/store/apps/details?id=keepass2android.keepass2android_nonet
KeePassXC desktop app. Free, open-source, cross-platform. Create a database for TOTP and sync it with multiple device. Use Keepass2Android for Android or Strongbox for iOS to use the database. Both are open-sourced on GitHub.
It doesn't have an official app but I use Keepass2Android and it works very well. There are a couple of other clients too, if you like those better. It uses the auto fill API so entering passwords is automatic. Also supports fingerprint unlock. For the browser extension you can use Kee. The KeePass website has a list of plugins for syncing and the like. You can choose whatever solution suits you best.
KeePass takes a bit more effort to set up, but once it is setup it works fine. Hope this helped!
> I didn't go with KeePass because of the syncing between devices story, and also because I don't know of a good mobile client.
I'm using Syncthing to synchronize my database between my devices and Keepass2Android as a client on my phone and it's been great. Keepass2Android does everything I need, including fingerprint unlock and auto-fill. And Syncthing keeps everything in-sync without having to rely on a dedicated server (except for their announcement server).
Another option for password managers that I really like and recommend is KeePass which is also an open source password manager but with the twist that it is completely offline. The program creates an encrypted database with all types of information that might be relevant to an account (i.e. you can store username, password, a PIN, 2FA codes amd more for a single entry and all of it is encrypted and can be neatly organized), but you can still upload the encrypted password database to a cloud storage service like dropbox to get an experience similar to last pass.
There's also a port of keepass for android called KeePass2Android that uses the same type of database file and is very well made with nice ui. This means that you only need to copy the file from your desktop to your phone to use your passwords with your phone. It supports AutoFill with Android 8 Oreo but also includes a software keyboard that is used to 'copy' the passwords to the desired field that works with most Android versions. I put "copy" in quotes because it doesn't actually copy the password to the clipboard where it could be sniffed by literally any other app. I encourage anyone to try it and play with the settings because there's lots of features that are customizable (you can change whether you can unlock the database with your fingerprint after unlocking with the master passwords once, etc)
Please do as he said and use a good diceware passphrase for a master password and write it down on a piece of paper that you can keep in a safe place. Maybe even a safe deposit box.
Keepass2Android (Android implementation to have your passwords available on the go, generates also TOTP 2FA tokens so you can discard Google Authenticator)
None, unless it's stolen while you have the database open and normally you should enable a reasonable inactivity timeout in the settings.
I use this one everyday and it works great. It does sync cloud storage very well.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Edit: guess you were talking about the iPhone ones that didnt
> KeePassXC on Android
You are talking about KeePassDX and not KeePassXC right? Because KeePassXC is not available on Android. I personally use KeePass2Android which is sadly not available on F-Droid but is FOSS and with which you can use Nextcloud/GDrive/Dropbox etc. to sync your database.
I use keepass, but specifically keepass2android on my phone.
It should also be on fdroid last I checked
I run my own Nextcloud instance on a shared hosting and keep my KeePass file there.
I use KeePassXC on both windows and Solus, both works perfectly.
On my phone, I use Keepass2Android and sync the file using Nextcloud Android app.
This whole setup works without any fuss. You can also use Dropbox to sync but I had some problems with windows not being able to write any changes.
Just passwords, nothing to be done about your email. You should be using a unique password for all websites if not look into a password manager like keepass. The excellent keepass2android allows you to store the database on Dropbox, Google drive, Microsoft's box, Nextcloud ect.
I personally use keepass, especially because it doesn't require internet- and thus also doesn't store any of my passwords online. I have 100% control of my data and I can make my own backups. It may take some time to get used to it, but it works very well. If you want to, you can get the file where all the passwords are used and set it on your pc as well- there's a pc application in addition to the android app. It's free, but donations are always appreciated by the developer- He deserved them in my opinion, the app is frequently updated.
When it's "not detecting the right site", what does it end up detecting, as an example? Unfortunate about changing the keyboard, but from what I read, that was the most secure method of being able to paste creds from an Android application. From the play store page:
>== Keepass2Android Keyboard == A German research team has demonstrated that clipboard-based access of credentials as used by most Android password managers is not safe: Every app on your phone can register for changes of the clipboard and thus be notified when you copy your passwords from the password manager to your clipboard. In order to protect against this kind of attack, you should use the Keepass2Android keyboard: When you select an entry, a notification will appear in the notification bar. This notification lets you switch to the KP2A keyboard. ON this keyboard, click the KP2A symbol to "type" your credentials. Click the keyboard key to switch back to your favorite keyboard.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
BitWarden is even less attractive to me than using the same password on every site.
I prefer Keepass. Its open source and encrypted by AES and Twofish. Has the option of storing database as offline only if you don't wanna sync to cloud service (Drive, Dropbox, etc)
KeePass is my favourite; not only is it free, but if you store the data file in a Dropbox folder, then you can use Keepass2Android on your tablet & phone, and have all devices keep perfectly in sync.
> But if you save your KeePass file on Google Drive, how will you know your password to access your Drive?
- you could use a normal password (one you can remember) for Google Drive.
- you could make an offline backup of your KeePass file (or of a separate KeePass file that only contains the password necessary to get into your Drive) and use that to access the Drive and through that your KeePass database.
Don't know about using KeePass with 2FA. You can use it to store the codes but I've never tried actually authenticating myself using KeePass.
This app allows you to use your fingerprint instead of your KeePass password, though you do need to use the password at least once.
I agree that you have to trust the 3rd party developer which is not ideal.
For the "clean and user-friendly" I would say that Keepass2android is pretty decent.
I put my kdbx file in my Dropbox and then I just use Keepass2Android to access the file. It works great. Not that that solves the native support issue, but it's a fairly painless solution (for me).
I save my file on Dropbox and have Keypass2Android auto sync the file to my phone, it's the perfect solution for me.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
If you are allowed to use usb devices on your work computer and have a rooted android phone (and there is a patched kernel for it), you can use Keepass2Android.
The computer will recognize your android phone as a usb keyboard and keepass than can type in your login automatically.
edit:
The plugin: https://play.google.com/store/apps/details?id=th.in.whs.k2ausbkbd
Just in general: If you are a bit tech savy keePass is the way to go. But if you don't want to fiddle around a bit and just want it to work, i recommend 1Password.
Anyways, best to use keepass on Chrome is ChromeIPass but you need to install a plugin in your keepass aswell. There are other methods like CKP but I personally like my first mention better.
If you want to have access on your phone or other devices, use dropbox or Drive to sync the keyfile and on Android you got Keepass2Android. Dunno about any iOS apps but there certainly will be some.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
The beta has this feature, works pretty damn good. Been using for weeks.
Edit: Also support dropbox/synch out of the box!
There are browser extensions. I use KeeFox, which works very well, but it can be a bit of a pain to setup in Linux.
Keepass2Android works painlessly with a cloud stored database.
I don't have a fix for KeePassDroid, but you could give a shot to KeePass2Android, which comes with multiple online storage integration built-in.
I use KeePass 2 android, it has a password keyboard. You can launch it with the select keyboard notification rather then it always being open.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Are you familiar with password safes? I myself use KeePass on my desktop machine to manage all my secure (as in long and complicated) passwords. You only need to remember one master password to open your password safe.
This password safe can be synced across devices using Google Drive or DropBox, so the Android counterpart KeePass2Android can also manage and use the very same passwords.
There are several apps for this scenario. I still recommend KeePass2Android because
- it's free
- it has no ads
- it comes with a virtual keyboard to easily enter your credientials anywhere
This approach has nothing to do with Tasker but to me it seems quite a bit simpler than with Tasker... Please note that i love Tasker, though.
That should be standard practice, anyone reusing passwords is asking for trouble
EDIT: Hijacking the comment to recommend a great password manager:
KeePass 2 (main program)
+ Keefox (plugin that makes it auto-complete forms like LastPass in Firefox)
+ KeeOTP (plugin that generates TOTP (2fa) tokens like Google Authenticator in your PC, can also be automated with AutoType)
and Keepass2Android (Android implementation to have your passwords available on the go, generates also TOTP 2FA tokens so you can discard Google Authenticator)
It works as a password manager, a password generator to auto generate good passwords, LastPass clone (with Keefox) and TOTP 2FA token generator on PC and mobile.
Just choose simplicity and security.
I highly recommend people start using KeePass. I really like Keepass2Android because of QuickUnlock and the keyboard.
I've been using Keepass for years now. Best thing, it's multi-platform, so I can use it on my Windows machine, and Android phone.
If you want to use Keepass, here's what I do.
- Google Drive is where I store my encrypted Keepass database for cloud access
- On Windows, I install the latest Keepass program
- To sync my Windows database with Google Drive I install the Google Sync Plugin
- On Firefox I install the Kee addon
- On Android I use the Keepass2Android app
Getting everything working is a bit of a learning curve, but worth it since you'll have a multi-platform password manger for free, but always consider a donation.
People need to learn about keepass. The program is open source and the database is kept locally (or wherever you like really, including dropbox or google drive).
This means you don't have to worry about lastpass-style breaches, since you're in control of your own database. Of course that also means that if you forget your password or the media the database is on gets destroyed, it's gone. If you use a sharing platform like google drive, they only see the encrypted side of your database, so you're generally safe (theoretically crackable, but not really possible given current technology).
Point is, if you start using it properly (and there is some discipline involved in changing account creation habits), soon you'll have a database full of your passwords and a unique password for every website. vastly decreases the chance of identity theft. People's accounts don't get hacked because of password complexity (usually). They get hacked for having the same password with everything else, accounts that you have no control over security breaches.
You can also set it up to work transparently in firefox & chrome (firefox one works better) using passifox or chromeipass. It just asks you to save the password, but instead of saving into chrome/firefox's potentially insecure database, it saves it to your keepass database. You can even use it on on your android phone.
The nice upshot as well is I never forget a password because I don't know what they are to begin with. I just let keepass handle it.
Keepass2Android is by far the best Keepass app for Android! I highly recommend it.
Just a reminder - to be safe from password leaks use different and strong passwords in every site. I recommend:
KeePass 2 (main program)
+ Keefox (plugin that makes it auto-complete forms like LastPass in Firefox)
+ KeeOTP (plugin that generates TOTP (2fa) tokens like Google Authenticator in your PC, can also be automated with AutoType)
and Keepass2Android (Android implementation to have your passwords available on the go, generates also TOTP 2FA tokens so you can discard Google Authenticator)
It works as a password manager, a password generator to auto generate good passwords, LastPass clone (with Keefox) and TOTP 2FA token generator on PC and mobile.
Just choose simplicity and security.
These are my most used apps recently.
With the help of MyFitnessPal and StrongLifts 5x5, I have lost 14 pounds in about 3 weeks.
Due to the recent adware ES has been installing, I would reccommend Solid Explorer. It is a fantastic file explorer and works very well.
I use KeePass to keep all of my passwords secure and encrypted. It is free and open source.
Pujie Black in my opinion is the best and most customizable watch faces for Android Wear. Endless opportunities for customizing.
Slide for Reddit is the best Reddit client I have used. I switched from Sync (great app) and haven't looked back. The developer is great as well, which is always a plus.
Swipe for Facebook is my preferred Facebook client. It is great on battery and gives that official app feel. The developer is absolutely fantastic and puts out updates and fixes(due to Facebook's ridiculous policies) constantly.
Last but not least, KLWP is unparalleled in its ability to customize your homescreen. If you like theming and haven't used KLWP, you don't know what your missing. Checkout /r/androidthemes to see what KLWP is capable of.
Here are the links:
Use Free Software instead of proprietary. Especially for something like a password manager.
Keepass2Android is a good password manager. Use KeePassX on desktop.
If you're a GNU/Linux user and comfortable with the command line, I'd recommend pass with Password Store (you need to use this with OpenKeyChain).
> Keepass4droid
And Keepass2Android.
Let me copy paste an older post of mine:
Just a reminder - to be safe from password leaks use different and strong passwords in every site. I recommend:
KeePass 2 (main program)
+ Keefox (plugin that makes it auto-complete forms like LastPass in Firefox)
+ KeeOTP (plugin that generates TOTP (2fa) tokens like Google Authenticator in your PC, can also be automated with AutoType)
and Keepass2Android (Android implementation to have your passwords available on the go, generates also TOTP 2FA tokens so you can discard Google Authenticator)
It works as a password manager, a password generator to auto generate good passwords, LastPass clone (with Keefox) and TOTP 2FA token generator on PC and mobile.
Just choose simplicity and security.
Don't create and remember passwords, it's not practical nor secure. Be super interested in using a password manager and remember only the password to your password manager
https://ssd.eff.org/en/module/creating-strong-passwords#1
Password manager suggestion:
KeePass 2 (main program)
+ Kee (KeePass plugin/Firefox addon that makes it auto-complete forms like LastPass in Firefox)
+ KeeOTP (plugin that generates TOTP (2fa) tokens like Google Authenticator in your PC, can be autosubmitted with Kee)
and Keepass2Android (Android implementation to have your passwords available on the go, generates also TOTP 2FA tokens so you can discard Google Authenticator)
It works as a password manager, a password generator to auto generate good passwords, LastPass clone (with Keefox) and TOTP 2FA token generator on PC and mobile.
Just choose simplicity and security.
The best one for Android is Keepass2Android
I'm a fan of KeePass for desktop and android. I host my database on Google Drive and authenticate using a password and yubikey (supports NFC for unlocking KeePass on a phone). A bonus with using a yubikey is that I now login to Gmail and Facebook with U2F (i.e., a hardware token).
On a side note, I am disappointed that none of my banks support 2FA beyond texting/emailing (though, I guess I should be thankful that they allow that). A time or hardware-based approach would be preferable.
//EDIT: Meant to reply to /u/fatc0w's comment.
KeePassXC und KeePass2Android.
I think Keepass2Android beta includes this feature c:
https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
Just a reminder (copy pasting this post from when I posted it on Project Pokemon hack) - to be safe from password leaks use different and strong passwords in every site. I recommend:
KeePass 2 (main program)
+ Keefox (plugin that makes it auto-complete forms like LastPass in Firefox)
+ KeeOTP (plugin that generates TOTP (2fa) tokens like Google Authenticator in your PC, can also be automated with AutoType)
and Keepass2Android (Android implementation to have your passwords available on the go, generates also TOTP 2FA tokens so you can discard Google Authenticator)
It works as a password manager, a password generator to auto generate good passwords, LastPass clone (with Keefox) and TOTP 2FA token generator on PC and mobile.
Just choose simplicity and security.
Might want to look in to using a password database software to secure your passwords. I recently switched everything of any importance over to KeePass after finding another game account of mine was hacked. KeePass also has Android (this is what I use) and iOS apps to access your database and password from your devices.
I would also recommend not keeping your credit/debit cards saved for any game to prevent any purchases if your account does end up being hacked.
Keepass. Its free and open source. The computer client is ugly, but it works really really well. It has every feature you could imagine, and a lot of great plugins (keepasshttp for online autofill).
You can keep the database in a cloud storage for sync.
There is also really great android client that supports fingerprint scanners.
Edit: Keepassx has a much nicer GUI, and is natively cross platform (instead of using mono, which can be buggy). The last time I checked it out it did not support Keepass2 databases, but it looks support was added! No plugins though :(
Shout out to the open source KeePass2Android.
Keepass2Android works really well on Android, and is compatible with Keepass.
I use Keepass2Android.
I use keepass*, and use google drive to sync it between everything
Edit: not enough e
Keepass runs on Windows and operating systems supporting Mono. On Linux, I also recommend KeepassXC. There are also mobile apps that support Keepass. Keepass2Android works well on Android. This allows you to keep your password file in the cloud and access it from anywhere.
Free, open source, store local or sync to cloud of your choice (Drive, Dropbox, etc.)
Free, open source, store local or sync to cloud of your choice (Drive, Dropbox, etc.)
Yet another good reason to use different email addresses and passwords for everything.
Having multiple email addresses isn't too hard - just buy your own domain name, then you can have almost infinite addresses, whatever@yourdomain.
Manage multiple passwords either with an old fashioned notebook and pen or a password manager program. I like KeePass (for my PC), KeePass2Android (for my phone/tablet), storing the data file on my Dropbox folder to keep all devices in sync.
What OS are you using?
If you're on Linux or macOS (where Mono, I would highly recommend using the native KeePassXC implementation. It runs really well, and is likely available in your package manager (or can be downloaded here).
If you're on Windows, just use the regular KeePass 2.x program (regular download link and portable download link).
On Android KeePass2Android is fantastic, and I've heard good things about MiniKeePass on iOS.
Try Keepass2Android
Use KeePass2Android, not KeePassDroid.
Ich benutze seit Jahren das Programm KeePass. Das ist ein Passwort-Safe.
Man legt eine Datei an, in der man alle möglichen Passwörter, LogIn-Daten, Seriennummern und so weiter sortiert hinterlegen kann. Zum Öffnen dieser Datei braucht man sich jetzt nur noch ein Master-Passwort zu merken, alle anderen kann man dann im Programm suchen und lesen (und auch in die Zwischenablage kopieren, per Drag 'n' Drop einfügen, etc).
Als besonderes Goodie gibt es auch Apps für Android, iPhone und andere. Die Synchronisation mache ich über das (teils in die Apps integrierte) DropBox.
Insgesamt kann ich das nur wärmstens empfehlen. Einzig das Master-Passwort ist EXTREM wichtig! Wenn man das nicht mehr weiss, kann man die Datei nicht mehr öffnen und kommt auch nicht mehr an seine Passwörter ran...
I use KeePass2Android. I have my keepass vault hosted on a Google Drive account for cloud access that allows me multi-platform access.
I see others talk about BitWarden, but from what I've read, you either need an account with BitWarden or self-host. Self-hosting BitWarden is exponentially more difficult to accomplish opposed to simply storing your vault on a service like Google Drive. Also, form what I read about BitWarden, you cannot store a vault on a cloud service like you can with KeePass, so with BitWarden it's either you create a BitWarden account or self-host, and self-hosting is, of course going to require you run some sort of server set up so you can access it from outside your personal network.
With KeePass2Android there's no accounts to create other than where you're going to host your database in the cloud (if you choose to do so). It's multi-platform, and offers excellent independent developer options that provide apps for whatever device you plan to access your vault on.
Here's my setup (download links added):
- KeePass client installed on Windows
- KeePass Google Sync Plugin installed in Windows client to sync with database stored on Google Drive
- Keepass2Android Password Safe App installed on my Android device
- Keefox addon installed in Fireox web browser on PC
I would check out EFF's "SSD" guide. They recommend KeePassX.
I've had success with KeePassXC (a community fork of KeePassX) backed up on a Nextcloud instance and paired with Keepass2Android for mobile access. Another password manager to keep in mind is bitwarden. Browser addon + mobile apps with automatic sync.
Password managers! I personally use KeePass. Then you just set vague categories of your passwords. An example of my KeePass layout:
1) Internet
- Shopping
- Forums
- Social Media
- IRC
- P2P / Trackers
2) Video Games
3) Networking
- Cloud Storage
- VPN
Then I just carry around a local backup of my KeePass database on my phone. My app of choice for managing my passwords via my phone is KeePass2Droid. You may also sync your KeePass file with Dropbox as well.
There's other password managers out there. Some are free and some you have to pay for. KeePass just works for me. Once you've changed your passwords over, you don't even have to remember them. Just note that you need to make a backup of it somewhere. Maybe once a week drop another backup onto Google Drive or your cloud storage of choice.
Add my vote to KeePass which I prefer since it do not use a client server model. For instance the official self-hosted Bitwarden implementation, which could be suitable for installation on a personal NAS has relatively high requirements:
- Processor: x64, 1.4GHz or faster
- Memory: 2GB of RAM or more
- Storage: 10GB or more
(source: https://help.bitwarden.com/article/install-on-premise/ )
On the other side, Keepass (my Android client of choice is Keepass2Android BTW but there are alternatives), when using a remote file storage (which can be self-hosted on a personal SFTP, Webdav or owncloud server) or public (Onedrive, Google Drive and others) still provide seamless two way synchronisation and, for those who prefer, it can even work unconnected with a simple local file.
That's why Dropbox and Sync were suggested. I use Dropbox to sync my KeePass database to my phone and use Keepass2Android (or MiniKeyPass for iOS users) to auto-fill fields. There is a list of other clients on the KeyPass downloads page.
Most like Lastpass does the encryption locally and before the data is saved/updated to the cloud and only the user has the key. Otherwise there would be little point in advertising security. And while a company like Lastpass isn't immune to hacking, your concern about hackers suddenly getting all of your passwords in plain format is a bit wrong kind of concern.
If you don't go for a paid service like Lastpass (free for desktop, mobile app needs a subscription), then KeePass format is probably the way to go.
Keepass2Android is what I use.
cloud supported version (meaning built-in e.g. Dropbox support... but again, the app encrypts the file before it puts it to the cloud, so Dropbox can't do anything with it)
BETA version which has material design: http://keepass2android.codeplex.com
And you can obviously manage them on the desktop too and there are even browser extensions.
AuthPass and KeePass2Android (offline-only variant), doesn't require the use of a cloud/network provider.
I use Keepass2Android (https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en_US) and have synced using a online drive no problem. I use Keepass for a lot of things on PC that aren't browser based so LastPass isn't for me. Quickbooks, SSH servers, MySql servers, etc. are things I use regularly that Keepass can handle that LastPass could not. For browser integration I use Kee (https://addons.mozilla.org/en-US/firefox/addon/keefox/).
I'm not sure there is much of a question here, but you do realize you can just start out by running VMs on your desktop right? If you already know you want to get into this then I'd say go for it, buy that r710 (this is /r/homelab after all).
Personally I like docker for my services, since it's easy to have a service 'just work (TM)'. So if you want to get your toes wet, without fully investing the $1400 up front you could install docker into a VM and start using it (look into using volumes & docker compose files, so you can easily transfer your docker install. Altough I guess you could convert the whole VM to the hypervisor of your choice.)
Then with docker you will be able to spin up Nextcloud which can host your calendars IIRC (you just need an additional app for android) and you could create accounts for friends and family for the dropbox replacement (which is basicly what Nextcloud is in the first place).
As for the mail server, personally I don't bother (I just pay a few euros every month to have it hosted), besides as far as I know most residential connections will be blacklisted pretty quick/are blocked... :( Besides that running a mailserver is an art onto itself, you mess up your rDNS entries and most receiving servers will list you as spam, spam is abundant (so you'll have to setup something to filter that stuff out) and what happens if your mail server is broken/offline/damaged and you don't receive that one important email?
Don't forget about documentation though, write down (run a bookstack install in docker ;) ) what you setup and why you set it up like that. This will make it easier should you ever have to come back to it and redo or repair the install.
Also, do get a password manager if you don't already have one (I currently like KeepassXC) and keep the database in your nextcloud folder (now install Keepass2Android or similair, and use the owncloud option to connect to your nextcloud install; hey presto! portable password vault fully under your control (and Nextcloud keeps version) ). Use the password manager to generate strong passwords for your many many accounts you will be making...
As for backups, you can use ZFS's snapshot feature using sanoid, then once you have a second host/storage box you can use syncoid to sync the snapshots between two hosts. You can set the retention period (x hourly, y daily, z monthly etc) via the config files.
What hypervisor will you be using? Proxmox? I like proxmox (and sanoid will work between two nodes) and it can do ZFS on root (aswell as just have ZFS datastores). Want kind of RAID will you be setting up?
Just because you said you don't understand anything yet, I'll link toanother comment of mine where I outline the process of labbing I use and it also has a list of some things to look into...
I would also suggest the ff alternatives to KeePassDroid & Slide for Reddit. Both open source as well: - Keepass2Android (Online & Offline versions) - constantly updated and supports new KDBX4 format, Argon2 key derivation function and ChaCha20 encryption algorithm (all 3 introduced in Keepass 2.35) - RedReader | RedReader Alpha - open source Reddit client. Stable version is also available on Play Store.
If you trust LastPass, then the chances of your passwords being stolen are incredibly slim. They claim that your passwords are heavily encrypted and that only you hold the master key/password to unlock them.
If you do not trust LastPass, then you could try KeePass, which stores your passwords in a local database file. There's also pass, which I use, but it's kinda difficult to setup. Both of thse options are trusted open-source projects and have a variety of clients available for just about every platform. On Android, Keepass2Android and Password Store, for KeePass and pass respectively, are solid options.
Bitwarden is easier to setup if you want to sync across multiple devices, but personally I prefer Keypass because I feel like it gives me more control of my data.
On Android:
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
On Windows:
with the KeeAnywhere plugin for doing cloud sync:
and the Kee browser extension for Firefox:
https://addons.mozilla.org/en-US/firefox/addon/keefox/
or for Chromium based browsers:
I am very satisfied with https://keepass.info/ (for PC). For Android there is Unofficial ports https://keepass.info/download.html.
Personally I use Keepass2Android Password Safe
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I found this which is fairly recent.
But this shows why you should only store passwords you don't care about in your browsers, they can easily be accessed.
I prefer to use a tool like Keepass (which I love because it is available on any platform, Android included) to store passwords, and use cookies to keep sessions open on various devices.
You can put your password database on any cloud service like Dropbox or Google Drive as it's heavily encrypted, and you can have it synced across your devices.
Yo uso KeePassXC que además tiene extensión para Firefox y Chrome.
En el celu uso Keepass2Android.
La BD es una sola y está en Google Drive.
La que estuve viendo que muchos recomiendan es Bitwarden que es una solución más completa.
I just keep it all in a keepass database with the totp plugin. On nextcloud I use the keeweb app, unfortunately the developer isn't updating it because he doesn't want admin's to admin (silly idea imho) you need to follow these steps to make it work
As for iphone I don't know the best app because I'm on android and use the excellent keepass2android that supports totp out of the box. But there is this reddit thread you could check
KeepassXC for Windows, Mac OS and Linux
KeePass2Android for Android (also supports Dropbox Nextcloud, etc.)
are the ones I would recommend. All can share the same database - if I update something on my PC I can look it up seconds later on my phone, as the database is synced via Nextcloud. I'm sure there's something for iOS as well.
Itse käytän KeePassia Windowsilla (open source) ja sen parempaa Linux-versiota KeePassXC:tä. Kännykällä Keepass2Android.
Alussa säätäminen tuntui vähän ikävältä, mutta toisaalta kun lopputuloksena on joka paikkaan täysin randomi salasana, niin minusta aika pieni hinta siitä mielenrauhasta.
Jos maksullisuus ei haittaa, niin olen kuullut hyvää 1Passwordista, josta löytyy sovellukset sekä työpöytäkäyttiksille että mobiiliin.
Tosiaan myös kaksivaiheinen tunnistautuminen (2FA) kannattaa ottaa käyttöön kaikkialla missä mahdollista.
Voisin kuvitella että sekä KeePassiin että muihin salasanamanagereihin saa importattua salasanat suht helposti selaimista (kuten Chromesta).
I would also recommend KeePassXC. Open source, cross platform (with the same UI on every system), and with a nice set of features.
You can use the KeePassXC-Browser extension (Chrome and Firefox) if you want to, but the AutoType feature does the job well in my opinion. Bonus point being, it even works on other applications than your web browser! If you don't know what that is, it allows KeePassXC to automatically type in login, password, and even 2FA code. You can tune on each entry to make it work perfectly even with tricky websites.
e.g. {CLEARFIELD}{USERNAME}{TAB}{CLEARFIELD}{PASSWORD}{ENTER}{delay 1500}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{TAB}{delay 500}{TOTP}{TAB}{TAB}{ENTER}
Note: I am using this one for a game launcher.
For mobile application, I haven't tested the one mentioned for iOS, but I am using Keepass2Android Password Safe which works flawlessly for me and supports the fingerprint unlock if you are into that.
With KeePassXC (or any other version for that matter, you will have to sync your DB manually. I wouldn't say that it's too much of a bother, since you can just savve it in your favourite Cloud to have it everywhere. NB: If you're using a key file on top of your password, I strongly recommend storing it in a different location.
You're also able to write any kind of notes on any entry, add custom fields and everything. Besides that, you can attach files directly into it.
Only thing that doesn't seem to comply with your list would be a secondary access from someone else. As far as I know, that is not possible. That being said, if you are afraid of losing some important account information, you could always have duplicate in her own password manager.
I second this!
I also use KeePass and KeePass2Android since at least 6 years. I use DropBox to sync the encrypted file between devices which KeePass2Android can use out-of-the-box. The Android app even comes with it's own (optional) keyboard to bypass a clipcoard flaw, it also uses the autofill function on the latest Android OS release.
Also, KeePass not having a central back-end is a big plus. You don't have to use anything to sync the file. You can use a variety of services, which also includes completely manual syncing the file. This massively reduces the risk you personally are hacked, because 1) the hacker has to find your repository and then 2) realize there's file in KeePass-format and then 3) decrypt it by using a lot of computing power (please note that I do not say you being hacked will be impossible)
Last but not least, all of the mentioned apps and services are free of charge.
EDIT:
Did I already mention the plugins? There's even input helpers for various browsers on your desktop PC!
KeePass is your best local bet. You create a local encrypted database, protected by your master password, which stores all your other passwords. You can make backups of the database and store them online in DropBox or whatever, and even if someone gets access to it they can't use it, because it's well-encrypted.
Edit: KeePass, and KeePass for android, or if you use another platform here is their download page with links to the other stuff.
Dropbox?
OK, so technically that's actually more of a cloud synchronisation system. One big flaw is that the free tier of their service only allows you to recover the last 30 days of changes to the file. (It also allows you to recover the file if you deleted it.)
That should be enough. Also, it comes with an added advantage - if you use an Android app like Keepass2Android Password Safe (https://play.google.com/store/apps/details?id=keepass2android.keepass2android) it will actually do a quick check to make sure that it's using the latest file from Dropbox before opening it.
I can understand some people might not like the idea of cloud storage, but the file is encrypted. And you need an off-site copy in case of the worst case of fire/flood etc...
Without knowing more about how you do your backups right now, then it's difficult to suggest much more.
My current backups use rdiff-backup to create a versioned copy of my files on another disk. I also use an offsite backup service which is automatic. I used to just call my rdiff-backup command line manually from the bash history, but recently moved it into a short script which calls it. That allowed me to add a copy of my Keepass file in ~/Documents and call cp -u to copy the file from ~/Dropbox to ~/Documents if it's been updated.
(The script also does other things like rsync VM files to another disk, which aren't worth covering here. You could also try using a symlink from the Dropbox folder, but some backup systems may ignore such links. Also, a Keepass file is small - having a copy hardly breaks the storage bank!)
The point here is that you should probably think about your entire backup system, and then try to integrate this one file into that. I definitely recommend Dropbox for the convenience of synchronisation, but you should care about your data enough that you don't trust it to any one service or location - if you don't have multiple copies in multiple locations, you're not looking after your data!
Keepass2Android is the most used app. It is open source so check the code or trust other people did check the code.
like /u/Cryszon said, KeePass is good because its quite secure (so far) and free. I save the database to my Google Drive so I can access it from anywhere. Takes some time and google-fu to set up on PC though, but most users can manage. Here's my setup if you want to use my way (there are other options, just google it):
I use KeePass 2.34, with the KeePassHttp plugin so I can use it with Chrome's chromeIPass extension. It will now function like Chrome's built-in password manager. By saving the database to Google Drive, I can also access the database on Android using the KeePass2Android app.
If you don't want to do all that, just installing keepass is fine. You'll have to manually copy/paste your passwords though
I don't, Keepass does it for me. I use Keepass2Android and Dropbox.
No, use KeePass, it's totally free and open source. For android, use Keepass2Android (Play Store). Use whatever cloud service or wifi sync app you want to keep an up to date copy of your database on your phone. I just use dropbox.
Use a strong password for your password manager. I recommend making one with Diceware.
KeePassX on desktop and Keepass2Android for Android is a good choice.
If you're a GNU/Linux user and comfortable with the command line, I'd recommend pass on desktop with Password Store on Android (you need to use this with OpenKeyChain).
Make sure to turn on 2-step verification on Google and other sites that support it, and use Google Authenticator.
Snowdens tips on reclaiming privacy seems relevant here. I'll include the other ones as well even though you're only asking about password managers.
https://theintercept.com/2015/11/12/edward-snowden-explains-how-to-reclaim-your-privacy/
The first step that anyone could take is to encrypt their phone calls and their text messages. You can do that through the smartphone app Signal, by Open Whisper Systems. It’s free, and you can just download it immediately. And anybody you’re talking to now, their communications, if it’s intercepted, can’t be read by adversaries. [Signal is available for iOS and Android, and, unlike a lot of security tools, is very easy to use.]
You should encrypt your hard disk, so that if your computer is stolen the information isn’t obtainable to an adversary — pictures, where you live, where you work, where your kids are, where you go to school. [I’ve written a guide to encrypting your disk on Windows, Mac, and Linux.]
Use a password manager. One of the main things that gets people’s private information exposed, not necessarily to the most powerful adversaries, but to the most common ones, are data dumps. Your credentials may be revealed because some service you stopped using in 2007 gets hacked, and your password that you were using for that one site also works for your Gmail account. A password manager allows you to create unique passwords for every site that are unbreakable, but you don’t have the burden of memorizing them. [The password manager KeePassX is free, open source, cross-platform, and never stores anything in the cloud.]
The other thing there is two-factor authentication. The value of this is if someone does steal your password, or it’s left or exposed somewhere … [two-factor authentication] allows the provider to send you a secondary means of authentication — a text message or something like that.
Bruce Schneier also has some good advice: There's more to passwords than simply choosing a good one:
Never reuse a password you care about. Even if you choose a secure password, the site it's for could leak it because of its own incompetence. You don't want someone who gets your password for one application or site to be able to use it for another.
Don't bother updating your password regularly. Sites that require 90-day -- or whatever -- password upgrades do more harm than good. Unless you think your password might be compromised, don't change it.
Beware the "secret question." You don't want a backup system for when you forget your password to be easier to break than your password. Really, it's smart to use a password manager. Or to write your passwords down on a piece of paper and secure that piece of paper.
One more piece of advice: if a site offers two-factor authentication, seriously consider using it. It's almost certainly a security improvement.
I usually have my phone or one of my computers nearby. I use Keepass on Windows, and Keepass2Android on my phone and tablet, storing the data file in a Dropbox folder for automatic synchronisation between all my devices.
If I'm not near one of my computers/tablets and I don't have my phone (most unusual - I take it everywhere) then I just can't login anywhere unless I have memorised the password.
>keepass2android by Philipp Crocoll
https://keepass.info/download.html is the official site, so if the keepass2android app you're looking at is this one then yes, that's the one.
Il migliore IMO è Keepass. Sì, non è un software attraente esteticamente, ma fa il suo lavoro.
Hai un DB locale (quindi un file che puoi anche caricare nel cloud) con tutte le tue password, crittografato con una classica "master password", e scegli persino quanto forte la vuoi la crittografia (i miei settings per esempio).
Sul desktop basta l'applicazione principale, su Android vi sono diversi porting. Io uso questo.
I use the (free) password manager Keepass, but there are others out there including paid ones. I love the password generator feature. It's so simple. If you insist on creating your own password, you can feed it though https://howsecureismypassword.net/ to check how complex/easy it is to be cracked.
r/keepass Reddit community
https://keepass.info/ official page
Keepass2Android Android version I use, but there are others.
Also if you haven't done so yet, use a strong randomly generated password.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
See https://keepass.info/ , there are a number of Android ports, I use https://play.google.com/store/apps/details?id=keepass2android.keepass2android.
Personally, I sync the file through my OneDrive, but you could also keep only a local file on your device, as you prefer that.
I use a KeePass database on multiple platforms, stored in my personal Google Drive (account protected with 2FA)
- KeePass2Android on my Android smartphone
- KeeWeb on my work MacBook and home desktop running Windows 10 and Debian (app), & work iPhone and Chromebook at home (online)
So far, I've been able to access it quite easily on any platform I needed, and all are kept in sync.
Bitwarden (et d'autres aussi) fait tout ça avec différentes applis (extension navigateur, appli smartphone, appli Desktop...).
Je n'aime pas trop Keepass dès que ça sort du cadre d'un seul PC, car il y a 50 forks différents au lieu d'une appli unifiée, et qu'il faut auto-héberger le fichier des mots de passe, mais si tu veux le faire : appli Desktop, appli Android, extension Firefox
KeePass2Android: android client for KeePass
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Offline edition (no network access privilege)
https://play.google.com/store/apps/details?id=keepass2android.keepass2android_nonet
I use KeepassXC.
- It has a browser extension, KeePassXC-Browser
- Keepass2Android can work with keepass database files
- I use syncthing but you can also use dropbox or other options (keepass2android supports a bunch of them).
One thing that is a bit confusing is that there are a bunch of different versions of keepass out there. On desktop there is keepass2, keepassx and keepassxc and on mobiile there are multiple too. I'll let the keepassxc faq answer this question for you.
Also zu Mac und iOS kann ich nichts sagen, aber auf meinem Linux Laptop benutze ich https://keepassxc.org, auf Windows den offiziellen Client von keepass.info und auf meinem Android Keepass2Android, absolut super App, hab da auch schon paar mal gespendet. Neue Passwörter erstellen mache ich aber fast ausschließlich in Windows, ab und zu mit Keepass2Android, auf Linux copy paste ich die nur wenn ich sie brauche.
Alle drei Programme greifen auf meine in google drive synchronisierte keepass Datenbank zu.
(Bei https://keepass.info/download.html gibt's ne ganze Liste von Programmen für alle OS)
i use keepass2 (the version 2.xx not the v1.xx) on my pc, keepass2android on my phone, and keepassxc on my work macbook.
i keep my database stored on google drive so it's synchronized between devices, i can create a new entry on my phone and then it's available on all my devices.
keepass2 on my pc needed an extension called KeeAnywhere in order to easily use google drive. the plugin works well and have no complaints.
KeepassXC doesn't support plugins so i have to use the google drive app (now called Google Backup and Sync) to keep a local copy of the database in order to keep it synchronized. this isn't the best solution because it causes errors if the database is modified when open in another app. i really wish there was a better option for macs but i only have to deal with them at work
I use http://inputstick.com/ together with https://play.google.com/store/apps/details?id=keepass2android.keepass2android and https://github.com/inputstick/KP2APlugin
The InputStick emulates a normal USB keyboard and uses an AES encrypted BlueTooth connection to receive the key events from my phone. Works perfectly! It works even for BIOS passwords...
With an USB OTG adapter I have even used it to access a Google account on another phone.
Much better is Keepass2Android:
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Many more features including fingerprint unlock
I use MiniKeePass on my iPhone. On Android I found Keepass2Android with a quick Google search. Both will integrate with Dropbox on a cell phone. The main KeePass application uses a standard data format and standard encryption algorithms. Developers can write software for any platform since the data doesn't care.
EDIT: I missed your point about the length of your password being a problem. You're probably overdoing your efforts at security. A secure password should be 12 to 14 characters long. A longer password, or passphrase, is more secure however all passwords can be hacked given enough time and computer power. What you want is a password strong enough that it can't be hacked in a useful length of time. For example, this Wikipedia article says that all possible 8 character passwords can currently be calculated in 30 seconds using a GPU. But calculating all possible 13 character passwords would take 900,000 years using the same technology. HOWEVER, this only works if your password is not a dictionary word or a commonly used phrase. So you can probably go with something shorter.
Also, check out KeePassXC for a nicer cross-platform client, Keepass2Android for Android support and Syncthing for decentralized synchronization between devices.
Io come chiave uso solo una master password.
Come app ti consiglio questa
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Enter Keepass2Android.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=nl
Works great and is opensource.
I personally prefer keepass2android
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Yes, Keepass2Android. Repo is here
Keepass2Android for Android. Don't know if there's a good app for iOS.
Use Free Software instead of proprietary is usually a good idea. You don't gain anything from installing those apps from F-Droid though, like I said you're better off not allowing installation of third party apps. Antivirus isn't needed and Android already has a device manager, use that.
Use strong passwords and don't reuse them. Best thing is to use a password manager (make sure it's free software). That way you don't have to remember many passwords, just one. Use Diceware to make it a good one.
Keepass2Android is a good password manager.
If you're a GNU/Linux user and comfortable with the command line, I'd recommend pass with Password Store (you need to use this with OpenKeyChain).
Make sure to turn on 2-step verification on Google and use Google Authenticator.
OpenKeyChain " OpenKeychain stores and manages your keys, and those of the people you communicate with, on your Android. It also helps you find others’ keys online, and interchange keys by touching devices. But its most frequent use is in using those keys to encrypt and decrypt messages."
Firefox with the following add-ons uBlock Origin, HTTPS-Everywhere, and Decentraleyes.
On the desktop version Privacy Badger is also a must, but it doesn't work on mobile. None of the add-ons mentioned require any effort, you just install and forget about them.
As mentioned in another comment, Keepass2Android is what you're looking for.
Use Free Software instead of proprietary.
Keepass2Android is a good password manager. Use KeePassX on desktop.
If you're a GNU/Linux user and comfortable with the command line, I'd recommend pass with Password Store (you need to use this with OpenKeyChain).
Some thoughts I figured I'd throw in, see what sticks:
AirVPN -- I've been using this service for years now and I'm really impressed with it. It's not free, but it's open-source, OpenVPN-based, with servers all over the world. Clients for just about every platform.
Passwords -- use a different strong, randomly generated password for every online account. Use KeePass2 to store them, put the (strongly encrypted) database on Dropbox, and if you work a lot with computers you don't own and can't install the software on, use an InputStick to dump passwords from KeePass2 on your phone through Bluetooth to a USB port.
Phone communications -- OpenWhisper's Signal (formerly RedPhone) software allows end-to-end encrypted voice calls and SMS messaging, with what feels like a drop-in replacement to the usual UI.
KeePass with either a keyfile or the otpkeyprov plug-in to integrate with YubiKey or Google Authenticator.
Add the keepasshttp plug-in and PassIFox or chromeIpass extenstions for automatic form filling.
Use KeePass2Android for mobile access.
And finally use your favorite, preferably self-hosted, file storage platform to keep them all in sync.
Actually, IIRC the Ubuntu PPA you need to do kdbx2 databases (more secure than the first version of kdbx) is the keepassx-daily ppa branch -- it comes with the typical doom & gloom 'always backup, this may neuter your cat in your sleep' statements, but I've never had any issue actually caused by the program and not myself).
https://launchpad.net/~keepassx/+archive/ubuntu/daily
The other clients, including KeePass2Android, can be found on the keepass.info home page for the project overall, listed under Contributed/Unofficial KeePass Ports, on the Downloads page.
Here is the Google Play store page for KeePass2Android, the same link on that page. It is not the only Android build for KeePass, but it is the one I've found I like/works best.
Also of mind: the KeePassX links from that page are the 'stable' branches, and as a result, don't have kdbx2 support just yet, hence the link to the daily branch ppa.
EDIT: KeePass2Android might work on the Ubuntu Phone, less you just need another copy of KeePassX on there, but it seems the Ubuntu Phone version I found isn't listed on the download page at present. Could be in the forums though.
I use the not-offline version: https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I save my kdbx to onedrive so it syncs with my desktop which is handy.
I've used Keepass for years, and love every part of it and this app.
For anyone interested, there is an online version that can sync with storage services like Drive or Dropbox.
Furthermore, the main site has downloads and links to PC versions and more.
In addition to the suggestions to use Authy(which I echo), you might also consider the KeePassXC password manager as a secondary place for your 2FA accounts. It does not sync across devices, but there is a desktop client (Windows, macOS, and Linux) as well as Android (KeePass2Androidor KeePassDX) & iOS (Strongbox or KeePassium).
I recommend a dual-storage approach because KeePassXC can store secret keys on a per-account basis in a secure file that you can save offline (say on your computer). This creates two places where your 2FA setups are stored - Authy (cloud-based, syncs across devices) and KeePassXC (file-based, saved to your device(s) for safekeeping.
You can set up Authy on multiple devices (mobile, laptop, and desktop), helping avoid being locked out if one device goes down. You can save the KeePassXC file as its own backup in case Authy becomes inaccessible.
I keep my passwords local to my PC and phone and sync them both to a single LAN location over WiFi, mainly because I just find it more convenient, but I'm guessing it's a bit harder to steal them from me, too?
KeePassXC
https://keepassxc.org/ [Firefox integration add-on]
KeePass2Android Password Safe
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I don't think LastPass users are in any immediate danger from this hack, though. But the minor heart attack stories like this bring is something I wanna avoid.
Su android ci sono varie app in grado di aprire i DB keepass, io uso KeePass2Android
Praticamente il file DB che ti generi lo carichi in un percorso drive.
Poi apri keepass sul cellulare, anziché generare un nuovo DB gli dici "Select DB from path" o una roba del genere, e selezioni il file che hai caricato su drive.
Stessa cosa da PC, per il quale però ti serve Drive Desktop Questo perché drive Desktop fa comparire il tuo Drive come se fosse un vero e proprio disco fisico.
Quindi puoi aprire keepass e dirgli di prendere il file da path Drive (che magari compare come G:\, quindi G:\Il mio Drive\Cartella\Database.kdbx)
A sto punto se modifichi il DB da PC o da Smartphone, verrà modificato il DB presente su drive, allineando quindi ciò che vedi da tutti i dispositivi
Se no, dovrebbero esistere dei plugin per KeePass (tipo KeeAnywhere), ma non li ho mai provati (forse avrei dovuto, ma ormai ho tutto fatto con drive quindi whatever)
Il file kdbx è criptato con la tua PW, quindi più è sicura la tua password di accesso al DB più stai sereno. Consiglio vivamente 16 caratteri +.
Look at apps like KeePass for how to handle files. Tons of apps do this at varying levels using a SQLite db or config files for preferences or personal data.
keepass2andoid While it is a very good password manager, you can use it to keep simple, unstructured text notes in it. It can be synced by multiple ways.
If you looking for more advanced solutions with markdown support, then as already pointed - Joplin (a little heavy because of Electron, but it deserves to use it. The only thing is missed in android version is ability to add sub-notebooks, but you can prebuilt it on desktop version)
I don't think you are going to find a Docker for Android, at least not unless the device is rooted.
But...why do you want to do this? If you are looking for a locally hosted password manager, perhaps you should consider KeePass instead of Bitwarden.
(Though I think you might be best served by just using the 8bit hosted version of Bitwarden; it's no less secure than KeePass, more resilient to failure, and will be more convenient.)
Careful with the spelling. You want KeePass (notice exact spelling).
For Android apps, I always used KeePass2Android for many years before switching to Bitwarden.
I use Keepass2Android. Free and very usable. https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Keepass (Linux, Windows, OSX and Android) and Resilio to sync the file across devices, one instance of Resilio runs on a server, although your phone could act as a server for such a small file, since it's usually always online anyway.
You really need to be using unique, random passwords for each site to protect yourself from password leaks. Good luck remembering random passwords for 100+ accounts that many people would have now.
You don’t have to use a password manager web service. Open source tools like KeePass are available that run only on your computer and save the passwords in an encrypted vault file that you decide where it gets saved.
KeeWeb is a PWA port of KeePass that executes only in the browser and has zero communication with any server (other than optional support for cloud services like DropBox or Google Drive).
https://github.com/keeweb/keeweb
KeePass also has ports for Android.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Ito gamit ko Keepass, 4 years na siguro. Free and open source.
I've been using Keepass2Android Offline (with the KeyboardSwap plugin) for years. The plugin runs in the background but does not use any battery. I would highly recommend this password manager.
There is also a cloud version but I prefer to keep my passwords offline..
This app here? https://play.google.com/store/apps/details?id=keepass2android.keepass2android
It's not blocked for me. Can you verify that you are using the same app?
I don't keep my database on Google Drive though.
- Free and open-source
- Cross-platform universal database format
- Various clouds sync support
Any of the KeePass related apps like Keepass2Android or KeePassDX or AuthPass.
Personally I prefer Keepass. It's been around 18 years, so it's pretty mature and easy to use. There are compatible versions or variants for Windows, Linux, Mac, Android, Chromebook, etc. Some of the compatible variants:
- KeepassXC for Linux or Mac if you don't like the original port
- Keepass2Android for Android
- Strongbox for iOs
For work, I use LastPass with its management features that let you share passwords and secrets among a team of coworkers, revoke or change passwords when someone quits, etc. That's an online one, which makes sense for that shared/managed use case.
For pins and passwords I use Keepass https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Just make the password for the app easy to remember, but you can open it with your fingerprint, and all pins are an app away.
It's all stored in an encrypted file on your phone, so anyone else wanting your pins and passwords need to get into your phone then into the app to steal em.
Its saved me on multiple occasions, I don't remember the pin to all these credit cards! And now all my passwords are 12 random character because I don't have to remember them.
>But what is if I need my database to log into my KeePass when I'm at another PC?
Carry a database with you on a USB-stick in your wallet. It doesn't need to be up-to-date, it just needs to have the latest dropbox pwd if you need the more up-to-date stuff.
As for "portable", if you mean "smartphone", then Keepass2Android and Strongbox are good apps that work offline and merely update/sync when there's a connection
Keepass2Android Password Safe | 4.5 ⭐️ | Free | 48MB |
> Keepass2Android is an open source password manager application for Android. It is compatible with the popular KeePass 2.x Password Safe for Windows and aims at simple synchronization between devices. Some highlights of the app: * Stores all ...
^(Legend: |🏠: Family Library| ▶️: Play Pass|)
^(Comment author may reply with !remove if wrong result is provided)
|Feedback|PunyDev|
>I'm using Keepass and keeping the tresor file in sync is impossible.
If you have an alternate cloud storage option, you might be able to use Keepass2Android — it's been working well for me. I use it in conjunction with KeeWeb on my desktop so both access the same webdav file.
J'utilise KeePass. Tu as un unique fichier que tu peux stocker en local ou sur un serveur.
J'en garde une version sur Google Drive accessible depuis l'application Android (par synchronisation avec le compte) et une version locale par ordinateur. Lorsque je rajoute un mdp je sauvegarde la nouvelle version sur gdrive qui permet de garder un historique des fichiers.
Pas d'autoremplissage mais tu n'est pas dépendant d'un serveur tier pour l'authentification.
Looks nice, but the #1 priority of a password manager is security and backups. How are these handled? I don't see anything in the store description about it.
Fyi I'm using https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Storage format is open, with clients on phones, windows and Mac. Sync and backup via Dropbox and Gdrive, multiple db for private, work x2. Security is password + optional key file, and auto locks after timeout, optional biometric unlock.
It's ugly but perfectly functional, which is better than nice looking but lacking for something as critical as a password manager.
Personally, I have found Keepass2Android together with KeyboardSwap generally works well on Android. It's a personal matter, though, and because the database format is standard, you can try out several of them to find which one you prefer. You can change your mind any time.
You can store the database on Google Drive, and synchronise it there if you wish. I use Dropbox because Dropbox is fast. It's safe, because the whole point of the database is that it's secure. As long as you've used a properly strong password, and chosen the right settings when encrypting your database, it's as secure as any modern database can be. (That will change once quantum computers get going, but we don't know when that will be.)
On the right side of the subreddit, there is a section "Information & Links". There is also an item for the recommended apps for each platform.
​
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
or
https://play.google.com/store/apps/details?id=keepass2android.keepass2android_nonet
Consider open-source KeePass and/or KeeWeb. KeeWeb uses the file format established and maintained by KeePass, so you can mix and match them. (For example, I use KeeWeb on my desktop, but Keepass2Android on my phone.) You provide the online storage space -- something like Dropbox, Google Drive or OneDrive will work if you don't have a server of your own. The downside is that you have to get your hands dirty a bit figuring out how it works; but once you do, you realize you have control of everything.
I know a lot of people like BitWarden. At least when I looked at it, it was impossible to access a database without being online — no way to keep a local copy that's backed by the online service. I did not like that. First off, not everything I store in my database is for online services (nor is everything I store a password at all); and secondly, if it has to be online that means the servers can fail even when I have a connection. It could be that has changed by now.
While KeePass and KeeWeb accept donations, to the best of my knowledge neither has ever done anything as "You can only have this if you pay." Understandably, BitWarden has to be a bit more aggressive in trying to get you to pay, because it runs its own servers, which are an ongoing expense. You decide where to keep your data (including whether it's on a paid service or a free one) with KeePass/KeeWeb.
I've been using Keepass2Android together with Keyboard Swap for K2A for a long time.
Maybe that will work better for you?
Back when I used Keepass I used this app: https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Had no complaints, it was super painless.
Keepass on my PC and Keepass2Android on my phone. The database is on my Drive account. The Android app allows to load and edit the database straight from the Drive account, and on PC I have the Drive app to sync the Drive folder, so it's always synced across all my devices, despite being an offline password manager. Been going strong for years with this setup
On Android I use this: https://play.google.com/store/apps/details?id=keepass2android.keepass2android
But you can also get it off GitHub here: https://github.com/PhilippC/keepass2android/
For the PC I use: KeePass.info
I tried autofill and it works. But I turned it off and prefer to copy and paste my pws in.
I tried googling "free webdav servers" - you can do that too....but Box.com is old, reliable, has paid services and is good. Oh and 10gb for free accts! You can either manually upload stuff, or sync files to it, it's great. OR you can use their webdav server on your account and the server is https://dav.box.com/dav
Good luck! Let me know if you have other questions and I'm happy to help.
Keepassxc for Windows, mac, Linux https://keepassxc.org/
The password file can get opened on android with: https://play.google.com/store/apps/details?id=keepass2android.keepass2android .
You can sync the password safe with a plethora of cloud storages, including self-hosted webdav.
For Android, KeePass2Android. On desktop, KeepassXC and KeePass 2.
On my windows-units, I use Keepass with the database saved to OneDrive. Everytime I save the DB, It'll be pushed to the cloud or ask me to sync then save. I even save a portable version of Keepass EXE there, just in case. Works great.
https://keepass.info/download.html
On Android I use "KeePass2Android" - it can open the file directly off OneDrive.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
On Apple-devices I mix the OneDrive app with Keepassium.
https://keepassium.com/
With a memorable OneDrive password-phrase, and a similarly secure one for OneDrive - you'll never be far away from your personal passwords.
Turn off Phone → Settings → Phone number lookup
DAVx⁵ for Nextcloud contacts and calendar
I use keepassxc in linux and Keepass2Android in android.
Interesting, I have this selection when opening the database.
Are we using the same KP2A?
Why don't you just use a password manager and the autocomplete? It's been a long time since I have had to do anything but press my finger to fill a username/password field on my phone. Far more secure than keeping you logged in on any app.
KeepassXC auf Windows, Keepass2Android auf… Android ;) Synchronisiert über meinen eigenen Nextcloud Server. Alles open source.
KeePass2Android for password management is amazing too! Allows for syncing via popular and self-hosted platforms. Especially if you're already using KeePass. https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Aegis 2FA is another nice looking and functional app that has a keen eye for few QOL features. https://f-droid.org/en/packages/com.beemdevelopment.aegis/
Keepass2Android. I use Firefox though so I can't speak to how well Chrome integrates on Android.
I'm using the official KeePass (now 2.45) for many yeas (since I'm only using Windows, no any other OS/platform).
I'm using Keepass2Android on my phone.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I setup my kdbx file in a cloud so android and PC are always in sync. This app has support for multiple cloud providers.
Seriously though. Install KeePass, make a database file, and sync the file to a cloud storage of your choice (Google drive, Microsoft Onedrive, iCloud, NextCloud, whatever). You can even access your database using an Android client. After that, the only password you ever have to remember is your master password to get into your keepass database.
I use BusyCal daily - https://www.busymac.com/busycal/
StrongBox is what I recommend to clients for secure password (and other info) storage https://strongboxsafe.com/ but for historical reasons I still use pwSafe https://pwsafe.info/ They both use open standards for their file format, and have iPhone/iPad apps as well. Stongbox has a slight edge because it understands both "password safe" and "KeePass" formats.
If I had Windows or Linux or Android devices, I might use the fully Open Source KeePassXC https://keepassxc.org/ and KeePass2Android https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I recommend using a password manager such as KeePass (app ver.), it has a lot of great features and it's open source. Contrary to other recommendations, I advise against using LastPass or Dashlane (see r/privacytoolsIO for well-explained info). Other than that, enable multi-factor authentication (2FA) on your accounts, if available, and use an authenticator such as Aegis, another open source app.
All passwords.
PC: https://keepass.info/
Android: https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Ich nutze seit Jahren Posteo als Mail-Provider und bin sehr zufrieden.
Als Passwort-Manager nutze ich eine Kombination aus KeeWeb (Linux), KeePass (Windows) und Keepass2Android (Android).
Die verschlüsselte KeePass/KeeWeb-Datenbank liegt dabei auf meinem Google Drive.
Für die Erstellung eines sicheren Master-Keys empfehle ich Diceware und einen regelmäßigen Wechsel des MKs.
Edit: Grammatik
KeePassXC for desktop, for Android go with Keepass2Android if you are using a YubiKey or KeePassDX otherwise.
Depending on your threat model you can store the database on cloud. Since it is encrypted it should be fine (use multifactor challenge response authentication with a hardware key for even more security).
Keepass2android, I think. https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Oui le côté forks est chiant, c'est l'inconvénient avec certaines applis open-source. Mais normalement pas besoin de se prendre la tête avec les versions, ça devrait marcher facilement, faut voir ça comme un protocole ouvert.
J'ai un ami qui utilise KeepassXC sur tout ses PC (Windows, Linux) et Keepass2Android sur son smartphone, en synchronisant son fichier via Google Drive, ça marche bien d'après lui.
Sinon tu as Enpass qui est multiplateforme mais est payant au delà de 25 mots de passes. Ça m'a fais passer à Bitwarden même s'ils stockent dans leur cloud.
What Android app are you using? I recommend Keepass2Android.
keepassxc for desktops, keepass2android for android. You can sync between these using any type of cloud sync app (dropbox, gdrive, webdav, etc).
I don't know of any selfhosted application that is specifically for TOTP but I used to use a Keepass database with tray totp plugin. The android app Keepass2android reads these TOTP codes as does the keeweb application that you can selfhost. They even have description fields and accept icons.
Note: I had a separate database for passwords and TOTP keys.
Now I just use a yubikey
Keepass is great. There's an Android version as well. https://play.google.com/store/apps/details?id=keepass2android.keepass2android
> Keepass all the way.
It's the best password manager with the best name, if you pronounce it correctly. I also suggest Keepass2Android for mobile use, and you can sync your password database across devices by way of Google Drive, Dropbox, or other cloud storage facilities using one of several available plugins.
Nutze seit Jahren das Original unter Windows und Linux sowie Keepass2Android. DB liegt in meiner Dropbox. Hatte nie das Verlangen, dafür Geld zu bezahlen.
Looks good, easy to use, free and open source. I even have my partner using it now, possibly the most valuable app on my phone
Supports yubikeys with a helper program.
I use Keepass2Android Password Safe and sync the db via Dropbox. Just transfer the key file using the cable.
That's definitely weird, if the product is the same it score shouldn't be different unless there's a reason behind it but only Dashlane could tell you the reason why is that happening, try to contact them.
i will tell you my current setup if your interested in trying something similar. Currently i use KeepassXC on Desktop and Keepass2Android, but as you soon find out this works with local password files so i add into this mix my own instance of Seafile to sync between devices (you can save your file in any filesync tool like Gdrive, Onedrive, Owncloud and anything under the sun that offers you access to webdav).
To save guard my password vault, i use a password and a Yubikey 5 as 2 Factor Authentication (you will need the NFC enable key so you can open your password file on your phone).
This being said, dont throw away your solution because of 1 small problem, try to solve it if not then yeah try other solution. Good Luck.
KeePass with Syncthing and KeepassXC on the computer.
Yes Keepass2Android does support OneDrive.
For the desktop version of Keepass, you can use the excellent KeeAnywhere add-on to add support for cloud storage.
I use this combination to sync my passwords across multiple Android and Windows devices via Dropbox. It works great. As an extra security measure, I use a keyfile that is only stored on my devices, not in the cloud.
https://github.com/Kyrodan/KeeAnywhere
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Use this to export: https://github.com/louisabraham/ffpass
I have used https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I don't know about Droid, but Keepass2 uses fingerprints now! It's awesome
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I would like to add keepass2android and keepassxc for android to the password vaults: https://play.google.com/store/apps/details?id=keepass2android.keepass2android https://github.com/PhilippC/keepass2android
Both are way better than keeoassdroid(in my opinion)
I will read me into git myself, but I would appreciate if someone could add these for now.
- Crea account DropBox (se già non ce l'hai)
- Installa KeePassXC sul PC e crea un file password all'interno della cartella DropBox
- Installa app Keepass2Android per Android o KeePass Touch per iOS
- Tramite app Android/iOS/PC sopracitate salva qualsiasi username password nel file password evitando di tenerle a mente. Crea password robuste da almeno 12 caratteri tipo
\a+n%d9h#Xe^e vivi sereno
Keyboards without Internet permission are probably safe to use. If you use Keepass2Android or Keepass2Android Offline as password manager, they provide a keyboard as well (the latter without Internet permission), so that your passwords never pass through other keyboards on entry or the clipboard on use.
KeePass 2 (main program)
+ Keefox (plugin that makes it auto-complete forms like LastPass in Firefox)
+ KeeOTP (plugin that generates TOTP (2fa) tokens like Google Authenticator in your PC, can also be automated with AutoType)
and Keepass2Android (Android implementation to have your passwords available on the go, generates also TOTP 2FA tokens so you can discard Google Authenticator)
It works as a password manager, a password generator to auto generate good passwords, LastPass clone (with Keefox) and TOTP 2FA token generator on PC and mobile.
When I poked around the dev page this appeared to have been forked from Keepass so I'm internally calling it keepass.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Desktop:
I haven't checked if there are plugins of keepass to get a similar experience to the built in pm (password manager) in chrome or firefox (EDIT: There are plugins to integrate KeePass with browsers. See this page). The functionality is still copy paste but you can enable a bit of extra security. The passwords are sort of half pasted and half typed by a virtual keyboard when you 'paste' (read about AutoType) so that a password sniffer (a malicious program that sees your clipboard to scan for sensitive data like passwords) by itself can't get your password. Likewise a keylogger (also a malicious program that reads your keyboard inputs) can't read your password. The result is that instead of
>[email protected]
being typed or copied, you get
> y il m o d .c
>m ma @ ypr vi er om
with one line being copied and the other being typed. An attack would require both the sniffer and the keylogger to work in tandem to figure out your password. I have no idea how this sort of attack applies to the built in pm of browsers. They may bypass clipboard or the keyboard entirely, but I don't know. Maybe browsers are better in that regard, apart from the ease of use.
But you may still appreciate a separate program if you use apps that require passwords where you can't rely on your browsers pm. Also, in the case of chrome at least, you are giving google access to your passwords unless you change the sync password from your google account password if you use the feature that lets you sync your passwords across devices.
I still use chrome's and firefox's pm but only for not very import passwords since they are easier to use.
Android:
This one is much better. If you use Keepass2Android, it integrstes nicely with browsers so you can get a much nicer experience, without giving up other features. On android 8, there's a thing called Autofill that is very similar to lastpass' plugin for browsers, and this app can use it. And on top of that, to avoid password sniffers, you can (actually, should) use a keyboard that comes with the app that lets you input usernames and passwords directly into a text field, bypassing the clipboard. I recommend you don't ever use copy and paste in Android (since that scheme that I mentioned in desktop to half type and half copy/paste isn't in the android version). More info on the description of the app itself about how to use the keyboard.
The result is that, on Android, it works much like regular pm like last pass or your browser, on top of other features I didn't mention (like encrypted strings, that are really useful for storing your 2FA codes).
Always be paranoid about security. It's most likely that someone got a hacked database of accounts and is trying those passwords on different services.
I recommend using a password manager like KeePass. You just have one master password for the database(make it a good one, since it's the one password to rule them all), and it will generate and store unique and strong passwords for everything else.
Also, you can store the database on a Dropbox or Google Drive account and sync between all your devices. There's even an Android version which installs as an Android keyboard to type in passwords for you.
I this the best variant is Keepass2Android
KeePass2Android is a better (easier & faster) Android app than KeePass Droid IMO.
Nope, I use Keypass2Android since it supports Dropbox for the password store.
>Joey For Reddit
I prefer Sync for Reddit
>Network Utilities
I checked this out. It's very limited. I would recommend Fing instead. Fing is more polished, and more features.
>Lastpass
I recommend learning how to use Keepass. It's an open source free password manger that's cross-platform. Once you get Keepass up and running, you can use the Keepass2Android app. on your Android device.
I would add KeePass password manager, why pay subscriptions when the best security is free, open source? Available for every platform, sync to cloud, or not. Best encryption available. Had a comprehensive code audit not long ago.
And this: KeePass 2 for Android is absolutely fantastic! Free, open source too. Feature rich, comes with built-in keyboard to avoid clipboard transfers, which are world readable by all other apps on device. https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
I love KeePass2Android It hasn't a great UI/UX but it's the best!
If you need a desktop app too, use: KeeWeb
> you'd likely need a plugin on every device you is (or potentially use) and have it configured the same way.
I don't think so. On Android and Windows biometric authentication is per device. There is no need to sync anything.
> you might end up changing the encryption keys or nonces or something within the database
Highly unlikely. Keepass2Android already has fingerprint support for Android. I use it on the same database synced across multiple Android devices and Windows PCs without any database alterations. As I said previously, the support exists at the OS level and the biometrics themselves are not synced. The client simply ties the device-unique biometrics to the database master password on each device. It doesn't touch the database at all.
>Especially since people are copy/pasting passwords with Lastpass etc
Fyi keepass2android uses its own keyboard that bypasses copy paste.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
This is what I settled on. Decent interface with all the standard features.
I will say, my setup is that my key database is stored on my personal server and is accessible to my devices via webdav. The whole thing has been pretty great, and I wish that I had done it sooner.
i havent had a chance to play around with the new KeepassXC yet, but Keepass2 v2.35 added KDBX v4 and i've been using that in conjunction with Keepass2Android without issue for months.
YMMV, so you should back up your database before monkeying around with any of this
edit: the Keepass project is not terribly clear about what KDBX versions they support. info about their v4 compatibility is buried here
Currently only on Google Play (there's an offline version too). The software itself is open source, licensed under GPLv3, and hosted on GitHub. I really hope to find a version on F-Droid soon.
UI is modern and easy to use, and Keepass2Android has the wonderful KP2A keyboard feature. That's the main reason I use it.
This is the app I use: Keepass2Android
Keepass is free (as in speech) software. Just install a client and create a new database. Save that database someplace you can access it from all your devices and you're golden!
My recommended clients:
KeepassXC for Linux/Mac/Windows- https://keepassxc.org/
keepass2android- https://github.com/PhilippC/keepass2android https://play.google.com/store/apps/details?id=keepass2android.keepass2android
>1. Can I use an android device and manage everything from a Mac?
Android File Transfer allows you to transfer files to and from your Mac.
>2. Can I use an Android device but NOT use Google/Gmail to store/sync everything in the Google cloud? (I only want info stored on my computer.)
Yes, you can turn off synchronization in your settings.
>3. Is it possible to sync iCal, Mac contacts, password managers, other Mac stuff, etc. on an Android device?
If you don't want to use Google you might be out of luck. If you run your own CalDAV or CardDAV server then it might work, but the synchronization would not be automatic. Most contact importers/exporters assume you are using a Google account for the sync purposes.
I don't think there's an app to access the Mac keychain on Android. You would need to export your keychain to KeePass and then sync the keychain file using your own server if you don't want to use the cloud. Here's a script that will help to automate the process. I use Keepass2Android to access my passwords on my Android device. It supports fingerprint unlock and auto-fill which is such a time-saver.
>4. What software will I use to put all my music, books, audiobooks, etc on my Android device? (I buy CD's and rip the music onto my computer. Everything is local, not purchased through Apple. Told you I was old-school...)
Basically just drag-and-drop with the included Android File Transfer. The included apps can read mostly everything but for books you'll need to get some other app. There's plenty of eReader apps on the Play Store and other app stores like Amazon's so whichever has good reviews will probably work best.
>5. I like to use POP mail rather than imap. Can I do that with a gmail account on an android device?
If you go to Settings-Accounts, then add a new one, then Email, you can enter the email and password, then select Manual Setup. From there you can choose server type, port, etc.
>6. Can texts to Android devices still show up on a Mac? (like in iMessage) >7. I'm sure there are several things I haven't thought of. I read that I need to turn off iMessage before switching. If there is anything else I need to know, I'm all ears. Thanks so much for your help! > >EDIT: Forgot to ask about pictures. Can I take pictures with an Android phone and sync them to my mac WITHOUT uploading them to the cloud? (I hate the cloud)
KeePass file saved to Dropbox/Google Drive whatever cloud storage you use.
And then I use this: https://play.google.com/store/apps/details?id=keepass2android.keepass2android on android to access from there.
I like that solution because even though Keepass file is stored on the cloud, the file itself is encrypted. So really you just have to trust the keepass windows and/or android app. Someone guesses your dropbox password, they still don't have your keepass password.
I believe them to be safe. At least Lastpass. It's pretty well known.
You can also try try keepass. It's free and open source. But back when I tried it, it took a lot of work to set up on desktop. Maybe things have changed! Idk!
Keepass is a desktop password manager. Keepass2Android is its android client.
By the way, in case you or others weren't aware - Keepass2Android supports fingerprint authentication along with having other features. That's a vast improvement over KeePassDroid, last I checked.
I use Keepass2Android now, I like it better than KeepassDroid. It has cloud syncing of the file (all the common options) built-in.
buy few flash drives with OTG support, or another few SD cards, put all your photos in it, seed, use keepass, sync the passwords and seed from this to some cloud service, buy a few fire and water proof boxes, bury one drive in your backyard with everything in it, and another in a trusted friends house, this way you should be covered buy theft, fire & flooding, every 2 years buy new drives updated with new passwords file with new passphrases and stuff. generate a passphrase for keepass database using something like this and use keepass with your everyday account so you remember the pass, give the passphrase and recovery instructions to your lawyer for when you die.
This is no Android-specific answer but here it goes:
Take a look at KeePass, it's an Open Source password safe for Windows and other platforms. You create a new password vault, secure it with one master password (this should be really long) and then enter all your existing passwords or better yet create new ones which are impossible to remember.
You can then sync that password vault with your Android device (via DropBox and other services) and open it with KeePass2Android to have them available on your phone.
This is what I've been doing for years. It's free and works great, IMHO.
DO NOT USE LASTPASS. You're just asking to get your info breached with online password managers. Use KeePass or something similar. Use a local database password manager! https://play.google.com/store/apps/details?id=keepass2android.keepass2android
It's not as complicated as that wall of text makes it seem but there are so many options in each program I wanted to make sure you didn't get lost, hence the step by step.
I'm looking forward to hearing it all worked as expected (as he crosses his fingers and knocks on wood).
It was an interesting puzzle for me. I actually enjoy figuring out this kind of stuff :)
Re Keepass, there are a couple of Android versions so you can carry your passwords with you. This is the one I use: Keepass2Android
Hi there, I know it's a stupid question but are you using the same app? I am using the KeePass2Android app. Keep in mind there are two versions: Online and Offline, I am using the online one -> https://play.google.com/store/apps/details?id=keepass2android.keepass2android
I hope I can help you find the import selection:
If you are in the screen where you have to type in your password there are two possibilities:
- Tap the change DB button in the bottom left
- Tap on the burger menu and then "change DB"
Then you will be seeing a screen with two options:
- Open file
- Create new DB
Tap on the first one and you will be taken to the import page.
Here's the screens I am talking about( I couldn't screenshot 1 screen because the app disables that function on most views/screens) -> http://imgur.com/a/F8KIh
Hope this helps :)
Cheers from Berlin!
The mobile app I use on my phone (Android) is KeePass2Android
<strong>Keepass2Android</strong> is a good example of a clean material-style UI.
<strong>Now for Reddit</strong> has a great design with nice animations and little extra touches that more apps should take a hint from.
I use KeePass2Android. It's the only one I've tried, so I can't say if it's the best.
<strong>Keepass2Android Password Safe</strong> - Free - Rating: 84/100 - Search for 'Keepass2Android' on the <strong>Play Store</strong>.
Yep. Keepass2Android on Android and MiniKeePass will allow you to use KeePass on those devices, and of course there's KeePass itself for desktop operating systems. Lastpass has apps for both iOS and Android and browser plugins for all the major desktop browsers.
I'm sitting here running Arch Linux using KeePass2 using a database that I have saved to a drive where I can get to it on my Windows 10 installation, and I sync that database with one stored in my phone to use with Keepass2Android. I understand that's a bit much for most end users to do personally, so I usually suggest Lastpass for those that are willing to sacrifice some peace of mind (it is still a cloud account that you can log into from anywhere and Lastpass itself could possibly be hacked) for convenience. If you think you can handle syncing a database between those three devices and keeping a backup somewhere off-site so you don't lose all your passwords if your house burns down, I strongly suggest KeePass just so you're not screwed if Lastpass does something stupid.
hmm, from what i know, last pass is used for passwords, right?
i already use keepass2android, it has fingerprint unlock too.
On my PC and laptop, I just use the Dropbox client and Keepass 2, while on Android, I use Keepass2Android (it can directly connect to your Dropbox account): https://play.google.com/store/apps/details?id=keepass2android.keepass2android
Not to derail too much, but I find the (IMO not the best named) Keepass2Android a pretty great Android version of KeePass. Better UI and full editing support, and can even sync with a database on Google Drive.
That is funny! It is actually Keepass2Android, an open source password manager. https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
Keepass2Android is excellent. https://play.google.com/store/apps/details?id=keepass2android.keepass2android
There are Android apps for KeePass. If you put the encrypted database on Dropbox and have a secure password, that covers all of your use cases excepting your "friend's desktop" situation. KeePass can be run from a thumb drive without requiring installation, so you could keep a copy of the portable exe on your phone and run it on your friend's computer.
If you are concerned about security of the encryption used, feel free to read the security section on the website.
If you have an Android phone, check out KeePass2Android. It has cloud integration with Google Drive (and more but I can't remember). It's very convenient.
I use Keepas2Android for storing my passwords. It's FOSS and it allows me to access my database on both mobile and PC via Keepass. I've heard Lastpass is pretty good as well, though I haven't used it personally.
I'm using KeePass 2 because the nifty keepass2android app uses the format, and has good functionality (e.g., it provides a keyboard that once you've selected an account provides two buttons, "User" which types your username and "Password" which types your password, and then locking the database switches you back to your preferred keyboard)
yes, it was a typo -- this is the app you want -- https://play.google.com/store/apps/details?id=keepass2android.keepass2android
You can switch to it's keyboard for password prompts which interacts directly with the database and doesn't use the clipboard (to avoid clipboard watchers if you care about that).
It's still a slight hassle to switch between the keyboards, but it's better than manually typing them, and it's just one of the tradeoffs for security. And for apps, not like you're constantly logging in on them.
I don't know about other mobile platforms, but I use KeePass 2 and Keepass2Android, which works pretty well.
I store my Keepass file in a Dropbox folder, then use Keepass2Android (which is compatible with the 2.x line of Keepass) on my phone & tablet - this means I can update my Keepass database from any device and it automatically syncs between all of them.
I myself use DropBox to sync the KeePass database between trusted devices (that is, my personal computer and my cell phone). Please note that using DropBox is complety optional and that DropBox sees it as just another file ^(TM).
On my PC I have a plugin installed in Chrome which allows to automagically enter the passwords from KeePass.
On my Android cell phone I use the aforementioned KeePass2Android.This app also installs a keyboard which allows to enter usernames and passwords system wide. If you don't want to use that, they can also be copied to the clipboard (which is possibly insecure, I've been told).
To my knowledge, the following options are available:
- You use KeePass exclusively on one of your devices, without syncing anywhere else. The database file lives on that device only. Obviously, you need access to that device to be able to read your own passwords and you have to enter them manually on all other devices (not counting options like PushBullet to send the password between devices, which certainly is not secure).
- You use KeePass on several devices and sync the database file manually (by copying / moving / email / smoke signs). No other service gets access to your database file.
- You let one of several cloud services (Dropbox, Google Drive, SkyDrive, FTP and WebDAV, according to KeePass2Android's site) handle the synchronization for you. All that is being transfered is the locked (encrypted) database file. No password (from inside that file) will be known to any of these services (I'm not that paranoid).
For an extra layer of security you can also enable 2-factor-authentification to your KeePass database file. Then you need 2 things to unlock the database file:
- something you know ==> your password
- something you have ==> another file
As you supposedly have thousands of files (mp3, photos, whatever) on your device it's near impossible to guess both the right password and the right file. Please note that I do not use this myself, so I can't vouch for this option, I just wanted to tell you it exists.
Install Keepass2Android Password Safe
Free, opensource encrypted cloud storage compatible password manager with free desktop app.
It installs an Android keyboard with the username and password as one button each that becomes available once you unlock the database an select an entry.
Take a look at KeePass2Android. It's what I've been using for years.
KeePass2Android can read and write KeePass files from version 1.x AND 2.x. You can use something like DropBox, GDrive, OneDrive, sFTP or WebDav to sync your devices. I'm using it with DropBox. It also delivers a new keyboard for automatic copying and pasting of your credentials. If you happen to be rooted, you can also enable automatic switching between KeePass2Android's and your default keyboard whenever you need it. That is quite convenient!
Please note that these services are only used to sync the still encrypted file. No password (from that file) is ever stored directly at these services.
Also, it's free and open source!
is this the same app? The screenshots look different but the option are the same.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android&hl=en
My glass is half empty here. The NSA probably doesn't care about the ruling and will most likely not destroy the data. Also, how would anyone know if they actually completely destroy the data or not? Making redundant backups is certainly something they do if they even remotely care about their collection.
I spend a lot of time listening to computer security podcasts and reading Krebs. One thing I will never forget hearing is something along the lines of "Always assume security has already been breached and data has been compromised". That in itself is a security concept I think all people should follow (especially when dealing with computers). This encourages continuing security improvements and helps keep guard on high instead of the opposite.
So with that, assume and expect that your data is still being collected by the NSA and will be for the foreseeable future. Act upon improving your security by changing various habits and using different passwords for each website account you are aware of and never let your guard down.
Edit: Here are some tools to help yourself stay generally more secure on the internet.
keepass: Generate and store random passwords locally on your machine.
keepass2android: Use your keepass database on mobile (consider the offline version)
syncthing: sync files across devices using your own hardware.
owncloud: compare to google drive only you can run it yourself.
veracrypt: create an encrypted container file to hold sensitive information.
telegram: use the secret chat feature to chat securely with encryption.
retroshare: a secure communication platform for securely sending mail, messages and using chatrooms
there many others out there, I will add your suggestions to the list as long as they are legit and you have personally used them.
disclaimer: The content above is provided for educational purposes only and should be used in accordance with local and national laws of your country and state. I take no responsibly for the actions of others based upon this information and do not advise or support the misuse or abuse of the information given.
https://play.google.com/store/apps/details?id=keepass2android.keepass2android
It actually acts as a keyboard provider. You tap a button and it types in the username, tap another one and it types in the password (or you can copy to the clipboard if you're not concerned about it).
This coupled with SyncThing has been my password solution for the better part of a year now. Love it.
There are a bunch of Keepass apps for Android. I use KeePass2Android.
KeePass supports both psk and certificates for unlocking and encrypting. You can require one, the other or both. I don't remember offhand what else it might support.
Keepass+dropbox fill-in (more or less; you can use either the clipboard or its keyboard) on Android: Keepass2Android
This app works well if you have the database in Dropbox or Google Drive.
On my PC
I create a KeePass database with a really secure password (or like myself, create a keyfile along with a password) that I keep synced in my Google Drive folder.
On my device
I open the same database file on Google Drive using the app, and it will keep the content of the database in sync. The app also include its own keyboard to safely enter passwords instead of using the less secure Copy & Paste through notifications. Nothing stops you from not using the keyboard, but it's recommended.
Since your KeePass file is something you want to protect at all cost, I also recommend using two-factor authentication on the Cloud storage you will use.
Keepass2Android - Password manager app. I save the file on Google Drive and I can access it from any of my devices.
Key Ring - Stores all of my rewards programs. So they don't fill my wallet or key ring. My wife and I use the same account so we only have to maintain one set of cards.
Looking For Me? Similar to LookFor but is free and ad free. Really surprised how often I use this when we are meeting friends at the bar or downtown. I can't seem to find it on the app store but I have the apk if you want it.
UnTappd If you enjoy craft beers. This is a great app.
Mint I can see all my financial accounts in one app. Plus the widget is nice so I can see my balance at a glance.
BrowsePass in Chrome works for me, alongside keepass2android on my Android devices. Everything syncs cleanly to GoogleDrive with no funky configuration required.