Kudos for using KeePass :)
KeePassHTTP is usually OK, but is deemed a security risk. When you have KeePassXC (a fork of a fork of KeePass) and its official browser integration, why look elsewhere?
I personally recommend KeePassXC, it's a fork of another (basically dead) fork of KeePass.
The main features are full UNIX support (KeePass only runs on Windows) and, as of recently, a proper browser plugin; there were some security concerns about KeePassHTTP.
Link: https://keepassxc.org/project/ (The link to the extensions is there)
It's also available as a trusted chocolatey app if you are on Windows.
keepassxc fits the bill. It’s entirely offline and there are apps for every platform (on the page linked it just lists desktop but if you google “keepassxc android” you’ll get some options). If you want to keep things in sync offline try syncthing or resilio sync
Wow, this post has downvotes. Incredible.
Thanks for your efforts on this front, and I look forward to the OpenSSL TLS 1.3 audit.
Any interest in performing an audit on KeePassXC (github, site) and the latest KDBX format? It would be great to have an open audit of an open source, cross-platform password manager.
> He just texted me to let me know a password. He keeps a spreadsheet of them for me.
That's not very safe. You should get a password manager; that way you can store all your passwords and just have to remember a single one. There's also autofill, password generation and cloud sync. I use KeePassXC.
I switched from LastPass to KeePass a long time ago.
There were a lot of times where I tried to log in to my LastPass account on my phone, only to find that I couldn't because I did not have an internet connection, and while they do have an 'Offline access' option in the app, most of the time it just didn't work.
With KeePass, it's all local. It's always available to me, no matter what connection I have or don't have.
I highly recommend:
KeepassXC for Win/Mac/Linux
KeepassDX for Android
Syncthing for syncing the database between devices
A keylogger is the first thing an abusive hacker boyfriend would install, which makes changing passwords futile. Besides threatening with contacting employers and authorities, wiping or replacing PC and phone should be the first step. Backed up personal files should be virus tested just to be sure. AFTER THAT you should change passwords. If you have current evidence of a breached account, change the password immediately. Use a phone as keylogging them is not as easy.
Remembering too many unique passwords can be exhausting, but your password security relies on you NOT giving out your default phrase to anyone. Use a password manager like https://keepassxc.org/ which stores your passwords as an encrypted file on your PC instead of on someone else's computer (e.g. cloud). With a sufficient passphrase even the best haxor can't breach the file without years of computing time, making it "safe" to back it up on your personal cloud. This enables you to give out unique passwords for every account, making the inevitable breach of one account far less dangerous. (just make sure to never lose that file >.< )
> other ports are unofficial.
you mean they are forks, which is basically the whole idea of being open source: to allow anybody to adapt the original source and make changes.
I highly recommend this version: https://keepassxc.org/. It's under active development, and available for most desktops. The password DB is compatible with any other KeePass-based software.
Creating a secure password that you don't remember is orders of magnitude easier if you do it with a password manager.
I prefer the one that I linked because it functions entirely offline, but it's more than possible to find other alternatives that function over a cloud instead.
Password managers such as the one I linked can also generate passwords for any account you have per your specifications on complexity. So if you want a phrase of 18 random words, it'll do that. If you want a string of gibberish that's 32 characters long, it'll do that.
Having a password manager only requires you to know the master password to even use it at all. But if ever there's a password leak and you find that your existing accounts are compromised, fixing that is as simple as opening a manager, hitting "generate" on whatever account got hit, and updating the new password entry both in your manager and on whatever account was exposed.
All password lists made in generators like the one I listed are heavily encrypted, so even if someone straight up stole your password files, they'd never be able to actually see anything.
At this point, no one should ever bother trying to remember passwords they use for anything. The reasoning behind that is that you'll be more likely to repeat said password across various accounts, thereby increasing your risk of exposure during data breaches.
tl;dr: Trying to remember your passwords is pointless and only increases your chances of extending the damage to yourself if you're hacked. Just use a password manager like KeepassXC and never worry again.
They maintain a great account/password manager. If you are on the internet, you should probably be using one (not necessarily theirs, but an account/password manager).
Check out how fast they responded to a request to add BCH for donations.
Password managers can create complex passwords for you, and a different one for every site you use.
If you use one (or just a few) passwords between different sites or services, if one gets hacked, your username/password can (and will) get tried on other services.
A password manager can create a long, complex password that's hard to crack by brute force, and even if it does get cracked, your other passwords are different, so one breach doesn't impact any other services you use.
The downside is that there is a single point of failure; you must remember the master password, and that password must also be hard to crack by brute force.
I would recommend a password manager that lives on your local machine, instead of in the cloud, so that crackers need physical access to your computer to get to your password database and try to brute force it. https://keepassxc.org/ is a good one. If you do need to access your password on different devices, you can use dropbox or something similar to sync, or keep your passwords on your phone.
Furthermore, your master password should be long, because brute-force cracking takes exponentially longer for longer passwords. You could for example use a short sentence instead of a range of hard-to-remember characters. Brute-force tools try every character one by one, so the longer your password, the less chance they will ever get it.
If you do forget your master password, most services will allow you to reset it by mail. And if all else fails, just jot it down on a sticky note and stick it to your monitor.
That one has less entropy though because it isn't random words and is thus much less secure than 'sweatshirt pledge googles abundant' for example.
Use EFF's diceware list for secure and yet easy to remember passwords: https://www.eff.org/de/deeplinks/2016/07/new-wordlists-random-passphrases
Or use a password manager like KeepassXC: https://keepassxc.org/
Or enable two-factor authentication, which many sites (Facebook, Google, Amazon) support: https://www.turnon2fa.com/
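The entropy comparison the comments above are making (a random sentence versus random words, random words versus a long random string) can be put in numbers. The following is an added example, not code from any commenter or from the EFF or KeePassXC projects: it computes the entropy of a uniformly chosen password from its pool size and length, turns that into a worst-case exhaustive-search time at an assumed guess rate (the 1e10 guesses/second figure is a placeholder, not a measurement), and draws a Diceware-style passphrase with the OS CSPRNG. The eight-word list embedded here is constructed to keep the block self-contained and is far too small for real use; the EFF long list has 7776 entries.

```python
import math
import secrets

# Constructed miniature word list; it only stands in for the real EFF long list
# (7776 words, one per roll of five dice), which is far too large to embed here.
SAMPLE_WORDLIST = [
    "sweatshirt", "pledge", "goggles", "abundant",
    "lantern", "quartz", "velvet", "orbit",
]
EFF_LONG_LIST_SIZE = 7776   # 6**5 entries
PRINTABLE_ASCII_POOL = 95   # printable ASCII, the pool most generators draw from


def entropy_bits(pool_size: int, length: int) -> float:
    """Entropy of `length` symbols chosen uniformly from a pool of `pool_size`.

    This is the figure that matters for brute force: every extra symbol
    multiplies the search space by `pool_size`, which is why a passphrase
    built from a few thousand words competes with a long random string."""
    return length * math.log2(pool_size)


def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Worst case for the attacker: the time to try every candidate once."""
    return (2.0 ** bits) / guesses_per_second / (365 * 24 * 3600)


def diceware_passphrase(wordlist, n_words: int, sep: str = " ") -> str:
    """Pick words with the OS CSPRNG. The `random` module is not suitable here:
    its Mersenne Twister output is predictable from a handful of samples."""
    return sep.join(secrets.choice(wordlist) for _ in range(n_words))


def compare(n_words: int = 6, n_chars: int = 32,
            guesses_per_second: float = 1e10) -> dict:
    """Contrast a word passphrase with a random character string.

    The guess rate is an assumed placeholder, not a measurement; the relative
    picture (bits per symbol times number of symbols) is the point."""
    word_bits = entropy_bits(EFF_LONG_LIST_SIZE, n_words)
    char_bits = entropy_bits(PRINTABLE_ASCII_POOL, n_chars)
    return {
        "words": {"count": n_words, "bits": round(word_bits, 1),
                  "years_worst_case": years_to_exhaust(word_bits, guesses_per_second)},
        "chars": {"count": n_chars, "bits": round(char_bits, 1),
                  "years_worst_case": years_to_exhaust(char_bits, guesses_per_second)},
    }


if __name__ == "__main__":
    # With only 8 words in the sample list this phrase carries 12 bits: demo only.
    print(diceware_passphrase(SAMPLE_WORDLIST, 4))
    for name, row in compare().items():
        print(name, row)
```

Six words from the 7776-word list give about 77.5 bits, four words about 51.7 bits, and a 32-character printable-ASCII string about 210 bits; a sentence made of ordinary words in grammatical order sits well below the four-word figure because the words are not independent uniform picks.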
Wait, how did we get from Merkel to here?
> Why blocking the paste option on the confirmation password? How am i supposed to use a secure 32 char password from my password manager?
You can send the keystrokes with software; KeePassXC is likely the most convenient option (auto-type with Ctrl + Shift + V), but something like AutoHotkey works as well.
Hmm, should be there, ah, it's mentioned within the item. It was added in https://github.com/privacytoolsIO/privacytools.io/pull/261/commits/1aa403bb82750c93bb8ec308302fdbe269bf4da6
ah, it was not clearer because you had not yet suggested a change! i've done it for ya https://github.com/privacytoolsIO/privacytools.io/pull/636
it's also not a complete replacement for KeePass because: https://keepassxc.org/docs/#faq-platform-mobile
I like keepassXC since it has built in browser integration in addition to the generic auto fill of Keepass. Both are compatible, so if you decide to move you can just open your Keepass database in KeepassXC or vice versa.
There is keepassxc. It's not a fancy UI, it's functional but more lightweight and less dated.
Its source code is on Github and you can contribute too if you want.
What's your opinion of browser plugins? Is Bitwarden's browser plug-in as secure as using their standalone program?
edit: Not Bitwarden's browser plugin but the KeePass-XC project definitely found theirs had additional attack surfaces/vulnerabilities which probably means browser plugins are not ideal for the very security conscious.
Keepassxc is compatible with Keepass and has more active development than keepassx. Here’s the download info
KeePassXC is the best choice these days.
Also have a look here: https://strongpass.us
Online solutions are bad choices because they are honey pots for hackers. LastPass has been hacked 3 times in the past 5 years. That's incredible for a company that specializes in security products.
Sure, you can follow the instructions on kik's website to reset your password using the email address you signed up with.
In future you can also use a password manager like keepassxc to ensure that you don't have to remember your passwords.
>As another Premium subscriber, up until August, when I will not be renewing...
July for me. Have been a paid user for seven years. In two of those years the price tripled. Not worth it for me anymore. I moved everything to KeepassXC, set up syncing on both iCloud and Syncthing (for non-Apple devices) and it's been rock solid.
My password is written on a piece of paper and in our safe at home. Will put a copy in our safety deposit box next time I visit the bank.
The only thing that is a bit weak with KeepassXC for me is their Yubikey support. It works but requires dedicating a slot in the key to that purpose.
Uh, no, I would never in my life think of doing something that insecure.
I might as well leave a .txt with all my passwords on the desktop.
If you're interested, a secure method would be to use KeePass, for example. Or other common password managers that store your data locally and not with the provider.
It not only stores your passwords fully encrypted and securely, but also has a plugin for all common browsers to save/retrieve passwords automatically.
An additional feature is the password generator. Just have it generate a new, very long password for every website.
If you then keep your database in a cloud, for example, you have access to the passwords across all your devices (including iOS or Android). Secure and encrypted. And open source. You only have to remember the master password and you're done.
In my 10 years of internet usage I've never understood how people get hacked these days. But then again, I'm the kind that uses KeePassXC for generating and storing long random passwords.
Maybe you should give it a try, too.
Of course many of these things can be already done with AutoFill. Bad reviews in the AMO page are probably because people don't read the migration guide.
Keepass supports 2FA. Your Master Password to your key db can consist of multiple (optional) components.
From the Keepass Docs:
> Your KeePass database file is encrypted using a master key. This master key can consist of multiple components: a master password, a key file and/or a key. For opening a database file, all components of the master key are required.
So you can carry with you a key file, and remember a master password -- you will need both to unlock the database. If you like, you can store the key file on a USB stick and carry that around on your physical person.
If someone gets ahold of your key file but doesn't know your master password, they still won't have access.
If someone figures out your master password but doesn't have the key file, they still won't have access.
Also check out KeepassXC, a fork of Keepass with some nice features.
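How a password and a key file combine into one master key, and why either component alone reproduces nothing, can be shown in a few lines. This is an added example, not code from the commenter or from the KeePass/KeePassXC projects. It follows the KeePass composite-key scheme in outline (each component hashed separately, the hashes concatenated in a fixed order and hashed again) and the plain key-file conventions (a raw 32-byte file used as is, a 64-character hex file decoded, anything else hashed); the XML key-file flavour and the slow key transformation (AES-KDF or Argon2) that a real KDBX file applies afterwards are omitted, so the output is illustrative rather than a byte-exact KDBX key. All inputs are constructed.

```python
import hashlib
from typing import Optional


def key_file_key(data: bytes) -> bytes:
    """Turn key-file contents into a 32-byte key component.

    Mirrors how KeePass treats plain key files: a raw 32-byte file is used
    as is, a 64-character hex file is decoded, and any other file is hashed
    with SHA-256 so an arbitrary document (a photo, a PDF) can serve as the
    key. The XML key-file flavour is left out of this illustration."""
    if len(data) == 32:
        return data
    if len(data) == 64:
        try:
            return bytes.fromhex(data.decode("ascii"))
        except (ValueError, UnicodeDecodeError):
            pass  # not hex text: fall through to hashing
    return hashlib.sha256(data).digest()


def composite_key(password: Optional[str], key_file: Optional[bytes]) -> bytes:
    """Combine the supplied components into one 32-byte composite key.

    Outline of the KeePass scheme: hash each component, concatenate the
    hashes in a fixed order, hash again. The slow key transformation that a
    real database applies next is omitted here."""
    if password is None and key_file is None:
        raise ValueError("at least one master-key component is required")
    buf = b""
    if password is not None:
        buf += hashlib.sha256(password.encode("utf-8")).digest()
    if key_file is not None:
        buf += key_file_key(key_file)
    return hashlib.sha256(buf).digest()


def unlock_outcomes(password: str, key_file: bytes) -> dict:
    """Which attempts reproduce the key the database was created with.

    Constructed scenario: someone holds either the password or the key file,
    never both. Every partial attempt yields a different composite key, so
    decryption of the database would fail."""
    correct = composite_key(password, key_file)
    attempts = {
        "password and key file": composite_key(password, key_file),
        "password only": composite_key(password, None),
        "key file only": composite_key(None, key_file),
        "password and wrong key file": composite_key(password, b"some other file"),
    }
    return {name: key == correct for name, key in attempts.items()}


if __name__ == "__main__":
    # Constructed sample inputs; a real key file would be random bytes on a USB stick.
    for attempt, ok in unlock_outcomes("correct horse battery", b"\x01" * 32).items():
        print(f"{attempt:30s} -> {'opens' if ok else 'fails'}")
```

The practical consequence is the one the comment draws: back up the key file as carefully as you memorise the password, because losing either leaves the database permanently unreadable.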
> Because if someone were to hack the Cloud servers, they would gain access to my passwords.
That is not correct as a general rule. For example, I use KeepassXC as my password manager. Its database in which the data is stored is encrypted. The file is secured with a password and, in my case, with a Yubikey too. So I have no problem synchronising the file, for example, via my own Nextcloud instance or one of the well-known cloud providers.
>I've heard of something called BitWarden. But I also heard it stores your passwords on Cloud servers. Is there an option to store the passwords locally?
Bitwarden is basically not designed to be used offline. That's why you would be better off with solutions like KeepassXC. You can also store the database on a USB stick or synchronise it between several computers within your LAN using tools like https://syncthing.net.
https://keepassxc.org/ works great. You control where it goes, it's already in normal repos, and it can even import your 1password files. It's nice that 1Password wants to sell to Linux users - but if it is closed software doesn't it miss the mark for why we choose Linux?
What happens later when they alter the software. Do you just keep paying and go along with however they want it to be?
So my reaction is mixed, enjoy whichever software you like for sure. But keepassXC I have found is a perfectly great password manager.
Password managers are there to alleviate this problem. They are able to generate high-entropy passwords, and you only have to remember (a very long) one to open the software. They can be portable and available everywhere you go too, I personally use KeepassXC with its database stored in Google Drive so that I can access it on my phone (with Keepass2Android) and at my work computer (with the portable edition of KeepassXC).
Yes, and if you use the same passwords on other sites (especially your email account!) you should change those too. Ideally you'd use a password manager like KeePassXC or one of those mentioned in the post to generate and keep track of long, random passwords for each site you use.
Yeah you can do. It can be handy to have the actual TOTP secret as text though, as you can then import this into a variety of other tools that support TOTP 2FA.
For example, I use keepassxc which supports TOTP 2FA. Of course storing your 2FA secrets with your passwords is not a good idea, so I then protect the password database itself with a password and a yubikey hardware token, which keepassxc also supports.
I then keep a backup of the key on the hardware token and a plain-text backup of the database file in an offline, secure location.
I also use KeepassXC extensively on Manjaro (Arch-based) as well as, briefly, on various Ubuntu flavors, and didn't have any issues so far. For Ubuntu you might be best off installing the snap package. It also has a Windows installer so you can take it for a spin before committing: https://keepassxc.org/download
Firefox can export your passwords as a .csv file:
https://support.mozilla.org/en-US/kb/export-login-data-firefox-lockwise
And KeePassXC can import .csv files:
https://keepassxc.org/docs/KeePassXC_UserGuide.html#_importing_external_databases
I don't know how well that will or won't work, but it's the first thing I'd try.
Used it like that for 3 years with a Linux box in the mix as well; worked great.
I have a colleague that uses KeePassXC on Windows as he prefers that UI, so you can do that as well - https://keepassxc.org/download/#windows
Haven't used it for credit cards but I would just add the digits as a note to an entry.
If your main concern is feeling safe, you could always use a locally stored database via keepass for your bank info and other extra-sensitive information. Putting a password-protected keepassxc database on an encrypted USB is a pretty simple setup for some very good security.
> I know I'm tinfoil-hatting, but out of all the free services I use where I think "how is this site gaining from me? They're probably studying my ass"
If this is your concern, don't use one of those online services where you give all of your passwords to someone else to take care of them. Instead, use something like KeepassXC https://keepassxc.org/ which is an open source project, runs on donations, and works offline. The password database is fully encrypted, so you can put it on Google Drive or Dropbox without fear that they can break into it, since it's not like Google/Dropbox control the decryption software too.
The problem with LastPass and 1Password is that they control the client software that decrypts your passwords and they control the password storage. You can never really be sure they aren't recording your master password, decrypting it on their end, and doing something nefarious. You just have to trust them. With offline, open source software, you can read the source code: https://github.com/keepassxreboot/keepassxc and even if you don't have the expertise, it's all there and someone would spot if it were connecting to the network - it's an entirely offline program that doesn't send anything to anyone.
I never understood this obsession with using online password storage services, it always felt like it was driven by marketing and ads. Syncing between devices only needs to be done like once, once I have my long ass 128 character password I'm not changing it until there's a security breach or something, don't see why the databases need to be synced with any regularity.
KeeChallenge plugin for KeePass is not compatible with KeePassium. To open your database on computer, you would need to use KeePassXC.
Why not use KeePassXC? Use a key file (never share the key file via online methods, transfer directly to any devices you need to share it on), memorize a 10-word Diceware Passphrase, and if you have them also enable Yubikey Challenge-Response.
Use a password manager. I recommend KeepassXC, which is really good and free and open source. It doesn't support syncing by itself, but you can sync the database file with Dropbox, Google Drive, Megasync, Syncthing, etc.
In their FAQ they say:
> KeePassX is an amazing password manager, but hasn't seen much active development for quite a while. Many good pull requests were never merged and the original project is missing some features which users can expect from a modern password manager. Hence, we decided to fork KeePassX to continue its development and provide you with everything you love about KeePassX plus many new features and bugfixes.
I've heard of this before. A few notes:
Oh, in that case you'll probably get the account back.
For the future; you should use a password manager for all accounts. I recommend KeePassXC (it's free, open source and strong). I also recommend choosing passwords between 32 and 64 characters long. But you can always ignore this, you do you, man.
https://keepassxc.org/download/#linux has instructions, scroll to whatever OS you have, or if not listed use the appimage. KeepassXC was created since keepass doesn’t have good native integration in linux and keepassx doesn’t have very active development going on, so yes, it is a good option
But KeePass being open source means there is another option. KeePassXC is for Macs / Linux. There's also MiniKeePass for iOS, with the drawback of not syncing, so if you make changes to your *.kdbx file on your Mac, it would need to be manually added to MKP which isn't terribly hard, you can import it from an email attachment (and vice versa).
> I mean in Japan we are TOLD NEVER TO WRITE DOWN PASSWORDS OR TAKE SCREENSHOTS OF THEM BECAUSE THAT IS A SECURITY THREAT but I guess it is OK if we expect the customers to do that instead... for a security App....
If you are looking for an alternative, I would like to suggest https://keepassxc.org/ . It stores all your passwords locally and has a great browser plugin as well (chromipass). It's not as comfortable as LastPass (I am making the switch myself at the moment) but it's pretty close and I like it so far.
A lot of those configurations I've used myself. With the cookie tweaks, every time you relaunch your browser, you will have to re-log into the sites you had a login session on if you set the cookie lifetime policy. A password manager with auto-typing will help out in that case, making it bearable. (I suggest KeePassXC.) You can only install it from source atm (their snap pack had a few bugs and I don't recall the HTTP plugin working on it.)
The combination of uMatrix and NoScript is going to drive you to insanity however, or at least it would me. I use NoScript only, and it's taken some time amassing myself a profile of which things to keep enabled and which things to disable. It's going to break the majority of sites you visit until you enable each domain resource they keep their site haphazardly spread across. You'll see that a lot of crappy tech journals and news sites do this.
Proprietary networked software for storing passwords: on principle, that makes me itch. https://keepassxc.org with the browser extension? It handles OTP too. But if you're on Bitwarden I imagine there's a need for sharing?
You should ideally avoid proprietary/closed-source password managers. Being stuck in their ecosystem, or paying for it like for a service, is not worth the security of your accounts.
I personally use KeePassXC. Sure, it's the least convenient one, but I'd rather sacrifice that part of the experience if it means limiting the attack surface, as well as not letting anybody use that fact as a means of making profit.
I managed to convert my entire 1Password vault over to KeePass format by switching off iCloud sync in 1Password 7, which gives you access to the .opvault file (as opposed to the .1pux format). You can then import that into KeePassXC.
Most browsers can be set to clear your history and personal data when you close the browser. Firefox can. Most browsers will not "remember" login credentials if you do not tell them to. It sounds like you might be interested in a password manager like KeePassXC or KeePass. They are open source. KeePass is the older version (lots of plugins) while KeePassXC is newer and has more active development. The user interface is a little more attractive to some. Bitwarden is open source. It is a cloud service that can also be self-hosted.
Not sure if this will solve your problem, but you can export part of your keepassxc db to a different db with a different password. That way you can lessen your potential exposure. IIRC you can set up the export to happen automatically when you update your "main" db.
This will make your master password safe, and only the exported subset plus that password will be potentially interceptible.
Of course never open the main db at your work computer when using this solution.
And as others said, if your work computer is "malicious" you can never be fully secure with anything that you do on that machine. This is (like all security) a risk/reward scenario.
https://keepassxc.org/docs/#faq-keepass
> Q: Why KeePassXC instead of KeePass? KeePass is a very proven and feature-rich password manager and there is nothing fundamentally wrong with it. However, it is written in C# and therefore requires Microsoft's .NET platform. On systems other than Windows, you can run KeePass using the Mono runtime libraries, but you won't get the native look and feel which you are used to. KeePassXC, on the other hand, is developed in C++ and runs natively on all platforms giving you the best-possible platform integration.
I've been using KeePassXC and keepass2android for a while now and get along with them very well.
For syncing, I wrote myself a small script that makes a database backup when my phone is connected to my computer and updates the database on both devices. It all goes through adb.
I wanted something open source and really can't complain.
I didn't change a lot of settings, except for the theme and activating fingerprint login.
KeePass DX stores your passwords in a file using the KeePass database format; there are a lot of apps that can handle that format on the desktop. I use KeePass XC, which exists for Linux, Windows and Mac. But you have to sync your database file from the phone to the desktop yourself; KeePass DX doesn't do that for you. You can use Nextcloud, Syncthing, Google Drive, Dropbox or whatever you want, you just need to sync the one database file.
Looks like it has installation options for most of the major distros. I don't use it so I don't know if there is a way to copy all of your data from one OS to another or if you would have to rebuild your database. Hopefully someone else can help answer that one. https://keepassxc.org/download/
I use KeePassXC - https://keepassxc.org/ KeePass Cross-Platform Community Edition
Since I use/switch between Windows, Linux, Mac or even Android.
And it's free!
Definitely! For that I can recommend KeePassXC and KeePassXC-Browser as a Firefox add-on; it works very well for me on Windows and Mac. Depending on your convenience/security needs, you can allow automatic filling of login fields and automatic access to the entries in the database in the add-on settings.
I use LastPass on the free account. I have the OATH TOTP 2 factor set up on all 3 of my Yubikeys (You use the same QR code to set it up on as many Yubikeys as you want). That way I use the 6 digit code and that will get me in, after getting my username and password correct.
If you want something entirely offline, look at KeepassXC https://keepassxc.org/
KeepassXC uses a challenge-response slot that you set up on your Yubikey and you can use the same secret string on as many Yubikeys as you wish.
Those two are the only options I would personally recommend.
For now, I don't think that there is that much difference between the two, but this might change in the near future (all speculations). One of the reason why I went with KeePassXC, was for the similar UI/features on Linux/Windows.
After checking their FAQ, here's what I found:
Q: Why is there no cloud synchronization feature built into KeePassXC? Cloud synchronization with Dropbox, Google Drive, OneDrive, ownCloud, Nextcloud etc. can be easily accomplished by simply storing your KeePassXC database inside your shared cloud folder and letting your desktop synchronization client do the rest. We prefer this approach, because it is simple, not tied to a specific cloud provider and keeps the complexity of our code low.
Long story short, if you're always on the same platform and rely a lot on the sync feature offered by the plugin, just stay with KeePass 2 for the time being. The database format being compatible, you will have no trouble switching if need be.
I use KeePassXC. It's a free, open source password manager, and what I like about it is that your password database is on your computer, and not some company's cloud server. It's also available for Windows, Mac, and Linux operating systems.
I also like to backup my KeePassXC database to an external hard drive just in case my laptop dies or gets stolen.
A downside to KeePassXC would be if my house burned down and I lost both my laptop and my hard drive. I know you can also create your own cloud server - which I would like to do sometime in the future - but I haven't got around to it yet...
KeePassX is no longer maintained. Instead you can use KeePassXC, which has many additional features.
It is available as a snap package: sudo snap install keepassxc
It creates a DB with AES which can be used with any client/port.
Like /u/xcheet said, it's better to use KeePassXC; it's a more active project and it's community-driven.
As for KDBX4 DB (argon2/chacha20) on KeePassXC see issue #148
Seems to be a fork of KeePassX with the aim of being properly cross platform and having better security. Might be the best non-Windows client (going to try it over the usual KeePassX in WINE right now), but I'll stick with KeePass for Windows.
Edit: Yay, it's going to support KDBX4. No more exporting a copy for KeePassX to use separately.
>what exactly can he see on my hard drive if he puts it in a new laptop? all my photos were deleted when windows was reinstalled
If you didn't take special measures to ACTUALLY delete the data (instead of just doing a "quick" format) - like running DBAN against the drive - a lot of it can be recovered.
>Will he be able to get into my email/Facebook/anything?
Likely not, but it's a great time to change all passwords and start using a password manager if you aren't already.
>If windows was reinstalled, will anything even be on the hard drive?
Again - quick format? Absolutely.
But the person would have to try.
And use a password manager, so you can have unique passwords for everything, that way it's not a huge deal if one leaks—and it's easy to fix as opposed to having to change passwords for X accounts that use the same password.
Plenty of free/cheap ones out there. KeePassXC and Bitwarden are both free and sensible options.
Password & key does bring some benefits but not as much as you'd think:
From https://keepassxc.org/docs/#faq-yubikey-2fa
Does KeePassXC support two-factor authentication (2FA) with YubiKeys or OnlyKeys? Yes and no. KeePassXC supports YubiKeys for securing a database, but strictly speaking, it's not two-factor authentication. KeePassXC generates a challenge and uses the YubiKey's response to this challenge to enhance the encryption key of your database. So in a sense, it makes your password stronger, but technically it doesn't qualify as a separate second factor, since the expected response doesn't change every time you try to decrypt your database. It does, however, change every time you save your database.
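The FAQ's distinction (the YubiKey response strengthens the key but is not a changing second factor, while the TOTP codes mentioned in an earlier comment are) is easy to see once both primitives are side by side. The following is an added example, not code from the commenter, from Yubico or from the KeePassXC project. It implements the HMAC-SHA1 challenge-response a YubiKey slot computes and RFC 6238 TOTP exactly, but the way the response is mixed into the database key is an outline of the idea only, not KeePassXC's byte-exact derivation; the slot secret and challenges are constructed, and the TOTP secret in the usage line is the RFC 6238 test-vector key.

```python
import hashlib
import hmac
import os
import struct


def yubikey_style_response(slot_secret: bytes, challenge: bytes) -> bytes:
    """HMAC-SHA1 challenge-response as a YubiKey slot computes it: a fixed
    20-byte secret inside the token, a challenge of up to 64 bytes in, 20
    bytes out. The same challenge always yields the same response."""
    return hmac.new(slot_secret, challenge, hashlib.sha1).digest()


def database_key(password: str, challenge: bytes, slot_secret: bytes) -> bytes:
    """Mix the token's response into the key (outline only, not byte-exact KDBX).

    The challenge has to be stored alongside the database so it can be replayed
    to the token at open time, which is why the response enhances the key rather
    than acting as a changing second factor."""
    response = yubikey_style_response(slot_secret, challenge)
    return hashlib.sha256(
        hashlib.sha256(password.encode("utf-8")).digest()
        + hashlib.sha256(response).digest()
    ).digest()


def response_is_static(slot_secret: bytes, challenge: bytes) -> bool:
    """Two unlock attempts against an unchanged file need identical responses."""
    return (database_key("pw", challenge, slot_secret)
            == database_key("pw", challenge, slot_secret))


def rotate_challenge() -> bytes:
    """What a save does: a fresh challenge, hence a fresh response and key."""
    return os.urandom(32)


def totp_code(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1: the value changes every `step` seconds,
    which is what makes it a genuine second factor, unlike the static
    challenge-response above."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


if __name__ == "__main__":
    secret = b"\x42" * 20            # constructed stand-in for a programmed slot secret
    chal = rotate_challenge()
    print("same response on every open:", response_is_static(secret, chal))
    print("key changes after a save:",
          database_key("pw", chal, secret) != database_key("pw", rotate_challenge(), secret))
    # RFC 6238 test vector: key "12345678901234567890" at T=59 gives 287082
    print("TOTP at T=59:", totp_code(b"12345678901234567890", 59))
```

The design consequence for a stolen database file is the one the FAQ states: an attacker who copies the file has the challenge too, so the token contributes key material that they lack (a real gain), but it cannot limit them the way a code that expires every 30 seconds limits a captured login.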
I just remember reading about it the other day, that's all.
Reddit search isn't the best, but you can search by post titles like this title:firefox
limit it to just this subreddit and sort by new. There's also the official openSUSE forum at https://forums.opensuse.org/ I've found the folks over there to be really helpful. openSUSE bugzilla is over here https://bugzilla.opensuse.org/
I got tired of trying to come up with a witty or amusing username which wasn't already taken, so I used the output of a password generator for my username. I'm currently using KeePassXC password manager. It's open source and cross-platform.
Can you share your results, from the troubleshooting steps I provided?
Moving forward, if you don't mind you can also remove the version you have installed and the browser plugin.
Proceed to install from the command line with:
$ sudo add-apt-repository ppa:phoerious/keepassxc
$ sudo apt-get update
$ sudo apt install keepassxc
these are the official steps for ubuntu
https://keepassxc.org/download/#linux
After installing that way, download the plugin for firefox and test.
I don't know what the problem is, but could be a problem with the version on the app store?
No, you can't have different passwords for read/write. It would not be possible to enforce that anyway since both people have full access to the file and anyone who can decrypt the data can overwrite the file. You'd have to manage that access at some other layer such as the file system or network access layer.
One option you can consider is using KeeShare (this is supported in KeePassXC but I'm not sure about KeePass). This allows you to share a subset of your credentials in a separate database and you can then control whether you want to allow import, export, or both back to your main database. See here: https://keepassxc.org/docs/KeePassXC_UserGuide.html#_database_sharing_with_keeshare
Well, what I'm currently using is KeePass. Completely portable, and you can even set a password for the actual file that contains all your data to make it more secure. On top of that it has a lot of nice features.
But I will switch to KeePassXC in the near future. It's completely compatible with KeePass's original data file, so you can import it just fine. Also I like the interface much more.
https://keepassxc.org/ with the passwords database file being backed up on Google drive with the strongest encryption. I have that installed on two different PCs, and also have the android app Keepass2Android.
KeePass/KeepassXC are offline password managers. The database is stored in a single file.
You can copy and open that database on any device with KeePass, even use KeePass on a USB pendrive.
To use with Firefox or any browser you can use autotype or install KeepassXC-browser addon on your browser.
https://keepassxc.org/docs/KeePassXC_GettingStarted.html#_setup_browser_integration
KeepassXC is pretty generic, whereas 1password has some nice touches:
1Password automatically keeps the old password, along with a datestamp, whenever you change the password. With KeepassXC, you have to manually copy the old password into the notes field.
1Password has specialized entries for login accounts, credit cards, bank accounts, software licenses, notes, etc. While KeepassXC can still handle all of these, you generally have to stuff everything into the "notes" field. Not a real problem, just messy.
Sorry, there's no wifi sync -- in fact, there's no built-in syncing of any type. Instead, the developers want people to put the databases into a cloud provider like iCloud, dropbox, onedrive, google drive, etc.. Everything's encrypted, and so that shouldn't be a problem.
Note that KeepassXC has no smartphone apps, although they do recommend some 3rd-party ones for iOS and android.
Also note that KeepassXC needs network access to download icons and the like: https://keepassxc.org/docs/#faq-security-network
Start using password manager.
I recommend using KeePassXC with browser plugin. Works very similar to built-in manager. Also you can backup password database using cloud storage service.
Whilst this is a good offer, if you're looking a password manager then I'd like to suggest some free open source alternatives that may suit your needs or preferences better:
Bitwarden - https://bitwarden.com/
KeePassXC - https://keepassxc.org/
PrivacyTools is a good resource for things like this and also recommends both, along with a few others:
I assume you're asking if there is any way to open multiple databases at once by unlocking only one database, and yes, there is. It's called "AutoOpen".
Here is the link for it: https://keepassxc.org/docs/KeePassXC_UserGuide.html#_automatic_database_opening
I hope that's what you meant.
Yubikeys are not meant to replace password vaults/managers. They do have support for storing a single static password, but that's not its main intended use case. You could install an offline vault on your computer (e.g. KeePassXC) and set it up with your Yubikey to require a challenge/response to authenticate.
If you need an option without subscriptions, you can't go wrong with the KeePass ecosystem, the vast majority of which is open source and gratis. KeePassXC is the absolute best cross platform desktop program (Windows, Mac, AND Linux!). It even has companion browser extensions. On Android, I use KeePassDX. I don't use iOS, but the KeePassXC team seem to have some solid recommendations.
They all are just programs that open the same encrypted vault file, and there are plenty of ways of copying/syncing said file, so it truly is the most private and cheaper way to manage passwords. Hope that helps!
There are snap and flatpak versions of that software.
A PPA can be made by anyone.
The description for that specific one says:
PPA description
KeePassXC Password Manager (official upstream PPA)
https://keepassxc.org/download/
So it says it's official at least. But I have no idea how such things get verified.
And it is linked to by the official web site, so it seems legit to me.
>keepassxc does not support 2fa as far as database decryption goes. best you can do is a keyfile
Well, having something to provide to KeePassXC is a second factor in addition to your password. Sure, it doesn't change every time it's presented like U2F or HOTP/TOTP, but it is still a second factor.
KeePassXC also supports the Yubikey challenge/response protocol. Like the key file, unfortunately the response doesn't change unless the database is modified.
I know KeePassXC doesn't want to qualify either as a second factor, but both the key file and the Yubikey are something you have in addition to something you know, so personally, I disagree with KeePassXC.
Photo ID badges, bank cards, physical keys, and other things that require physical possession and presentation during authentication are considered a second factor in multi-factor authentication, so I don't see why a key file or challenge/response protocol wouldn't be.
The site is legit.
Oh, and since we're on the subject of security, I recommend starting to use a password manager and having a long, unique password for every site.
For my part I can recommend KeePassXC (it can store/generate TOTP/Google Authenticator codes):
It would appear that you are looking for advice on password manager options. This question has been asked many times before, for previous discussions we would suggest [perusing the archives](/r/privacy/search/?q="password+manager"&sort=new&restrict_sr=on&t=all)
For a quick answer, we would recommend using one of the following open source solutions:
If you feel this post was removed in error, please message the mods to discuss.
I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/privacy) if you have any questions or concerns.
KeepassXC is cross-platform, integrates much more functionality natively. It has a much more active development. I think it's more secure because there is no need for any plugins. I prefer the interface. Database password is compatible between keepass and keepassxc. Test it. I think there are all the features you want, natively.
( I recommend keepassdx for android, with magickeyboard)
If you're using YubiKey integration in Challenge-Response mode, you can program the same secret to both YubiKeys and they will be able to open the same file. Challenge-Response mode is supported by KeeChallenge plugin in KeePass and it's built-in in KeeWeb and KeePassXC, as well as in popular mobile apps.
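An added example (my own Python, not KeePassXC project code) that models the challenge-response scheme described in the FAQ text quoted earlier and the shared-secret point made in this comment: the database header seed acts as the challenge, so the HMAC-SHA1 response is fixed until the next save; two tokens programmed with the same slot secret produce the same response and open the same file; and a response captured once can be replayed until a save rotates the seed. The composite-key construction is a simplified assumption (hashes only; the real KDBX4 derivation also runs a slow KDF such as Argon2 on top), and the slot secret, seed and password are constructed values.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional


class SimulatedYubiKey:
    """Stand-in for a YubiKey slot in HMAC-SHA1 challenge-response mode.
    The 20-byte slot secret stays inside the token; only HMAC outputs leave it."""

    def __init__(self, secret: bytes) -> None:
        if len(secret) != 20:
            raise ValueError("HMAC-SHA1 slot secret must be exactly 20 bytes")
        self._secret = secret

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self._secret, challenge, hashlib.sha1).digest()


class ReplayedResponse:
    """Attacker stand-in that replays one captured response whatever the
    challenge is; shows why a fixed challenge is not a true second factor."""

    def __init__(self, captured: bytes) -> None:
        self._captured = captured

    def respond(self, challenge: bytes) -> bytes:
        return self._captured


def composite_key(password: str, response: bytes, key_file: Optional[bytes] = None) -> bytes:
    """Simplified composite key (assumption: each component is SHA-256 hashed and
    the concatenation hashed again). The real KDBX4 flow then runs a slow KDF such
    as Argon2 on top; it is omitted here because it does not change the point."""
    parts = [hashlib.sha256(password.encode("utf-8")).digest()]
    if key_file is not None:
        parts.append(hashlib.sha256(key_file).digest())
    parts.append(hashlib.sha256(response).digest())
    return hashlib.sha256(b"".join(parts)).digest()


class SimulatedDatabase:
    """Only what the demo needs: a random header seed that doubles as the
    challenge, plus a verifier for the key the payload was sealed with."""

    def __init__(self, password: str, token) -> None:
        self.seed = b""
        self._key_check = b""
        self.save(password, token)

    def save(self, password: str, token) -> None:
        # Saving rewrites the header with a fresh seed, so the next unlock
        # sends the token a different challenge (the "changes on save" behaviour).
        self.seed = os.urandom(32)
        key = composite_key(password, token.respond(self.seed))
        self._key_check = hashlib.sha256(key).digest()

    def unlock(self, password: str, token) -> bool:
        key = composite_key(password, token.respond(self.seed))
        return hmac.compare_digest(hashlib.sha256(key).digest(), self._key_check)


def demo(password: str = "correct horse battery staple") -> Dict[str, bool]:
    """Walk through the properties discussed in the thread; every value is True."""
    secret = os.urandom(20)                 # constructed slot secret (assumption)
    token = SimulatedYubiKey(secret)
    backup = SimulatedYubiKey(secret)       # second key programmed with the same secret
    db = SimulatedDatabase(password, token)
    results: Dict[str, bool] = {}

    # 1. With an unchanged header, the challenge and therefore the response are fixed.
    first = token.respond(db.seed)
    results["response_stable_between_unlocks"] = (
        first == token.respond(db.seed) and db.unlock(password, token)
    )
    # 2. A second YubiKey with the same slot secret opens the same database.
    results["backup_key_opens_db"] = db.unlock(password, backup)
    results["other_secret_fails"] = not db.unlock(password, SimulatedYubiKey(os.urandom(20)))
    # 3. Malware that logged one response can replay it until the next save.
    replay = ReplayedResponse(first)
    results["captured_response_replays"] = db.unlock(password, replay)
    # 4. Saving rotates the seed: the response changes and the replay stops working.
    db.save(password, token)
    results["response_changes_after_save"] = token.respond(db.seed) != first
    results["replay_fails_after_save"] = not db.unlock(password, replay)
    results["real_key_still_works"] = db.unlock(password, token)
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{'PASS' if ok else 'FAIL'}  {name}")
```

The model makes the FAQ's distinction concrete: the token only strengthens the key material, because the challenge is data an attacker who has the database file already holds, and a replayed response is as good as the token until a save rotates the seed. It also shows why programming the same secret into a backup key works: the response depends only on the secret and the seed, not on which physical token computes it.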
Do you use the same password across multiple online accounts and services? You've likely been breached and are being targeted in a credential stuffing attack. Check on HIBP to see if you've been exposed in some of the more well-known data breaches.
You're going to have to log into each account you're getting notifications about and change the password. Consider using multi-factor authentication on important accounts such as banking, billing, and email accounts specifically. Use a password manager such as KeePassXC to keep track of all online accounts and passwords. Generate random, unique passwords for each account. Lastly, never re-use passwords across accounts. Once the password is breached, you leave yourself wide open to these kinds of attacks.
Save important files at least twice. Use at least two hard drives. Better is three. Then you leave one at work. And the next day you leave the updated hard drive at work.
Encrypt with Veracrypt.
Use Keepassxc as the password manager. Also keep your passwords in two different places.
I haven't tried libre calc tbh, after being there since excel v1.0 and heavy use for work since, I just had no inclination to change.
I use keepass2 on my final windows laptop, but found out keepassxc did the same on linux.
I still help family with win10 machine issues and will never go back...
They integrated the one for YubiKey so no plug-in is required, but otherwise no, not at this time per the FAQs. Just curious, which ones do you like? Been using KeePassXC for about 2 months and love it.
>In this case, my chromebook and trying to use the google 2SV scenario with a very long password that i do not know
Oh, I see. You need your password to get into the chromebook to get to the passwords :) Chromebook is not very good for you in this case. I have a Linux laptop set up with yubikey-luks, so I don't have to remember a hard password. My yubikey generates the hard password from my easier password. It's not unphishable, but it's better than a memorable password at least. Once I'm into my laptop, then I can access my password manager.
>How does QTPass vary from KeepassXC?
Most password managers use a master password. I don't like this, because if someone can intercept your password archive, they can break into it with no further help. They only need to guess the password. To get an idea of how easy that is, try your password in the zxcvbn checker.
QTPass uses gpg-agent which in turn uses the Yubikey to encrypt the passwords. The yubikey is required for decryption. It could be better maybe, as QTPass is still one factor protection, but I consider a hardware key better than any master password I might be able to remember.
I see KeePassXC uses a key file (could be stolen by software) or Yubikey challenge response (hmac I assume, which means phishable like yubikey-luks mentioned earlier). It's too bad KeePassXC doesn't support gpg-agent or perhaps pkcs11.
KeePassXC is probably more user friendly though. QTPass requires setting up the gpg keys on the yubikey and git for syncing. Two things which will probably scare a novice away.
> i use a keepassxc DB that is stored on my google drive account. i want to be able to make it as seamless and painless as possible when using it, what is the best way to do this?
Setup Challenge/Response on your YubiKey, tie it in to the KeePassXC database. Put your database file on Google Drive. Be aware that KeePass2Android does not really support any 2FA, though the author of KeePassXC recently released a fix for KeePass2Android (beta!)
>currently, i noticed if i put 2SV on my google account that the drive account is associated with for the keepassxc DB, it breaks functionality for apps like Tusk and Keepass2Android
I don't use KeePass2Android (for the reason mentioned above), but can you expand on what's breaking? Can KeePass2Android just not access the file at all?
Did you check the official migration guide?
For nerdy troubleshooting, use this wiki page.
The cool thing about open source is anyone can make it
I’ve used both. And it was a real question. I see no reason to want to use something else, considering its open source and plugin nature, it’s extensible in every way.
You should never post a password on something like PasteBin. Use a password manager. I personally use KeePassXC. If you need an online password manager (I'd recommend using something like KeePassXC if possible though), then I think LastPass is still the most popular.
I personally use Dropbox for usecases like yours. Just keep files in the Dropbox directory. Public links can be generated if you need to share a file with a few people. You can access the files with a web browser if you need to. If your computer dies, the files will still be on dropbox (and any other computers that you're logged into dropbox on), and if dropbox dies, it will still be on your local computers.
(You can keep your KeePassXC file in Dropbox, and have it sync between devices)
Edit: If you aren't using it already, you can use git and a website like Github or Gitlab to share code, along with all of the benefits of git as a version control software. It's very widely used in CS