Hi u/cng2112, Strongbox author here. This is very doable and multiple databases are no problem and available in the Free version.
I personally use Dropbox (sharing with another account) but I know also the iCloud Sharing works well too. There's an FAQ on the iCloud version of this here:
This will read/write to your iCloud and I know some people are using this setup. I've tested it myself and it works well.
Full Syncing can be a little trickier. Currently no iOS app supports the full proper advanced sync like the Desktop version of KeePass or KeePassXC. This involves comparing two different versions of your databases and merging any changes automatically. So there is a small window if you have multiple simultaneous writers, of one version overwriting another.
I'm hoping to add this functionality to Strongbox in the near future which should definitely fix these kinds of conflicts in the same way as the Desktop versions.
Hope that's helpful!
No worries! Glad it's all sorted out and thank you for the kind words on the app. :) Will of course appreciate your support with the Pro version.
Cheers,
-Mark (Strongbox dev)
Hi there, I'm guessing it's a KeePass database?
You didn't by any chance delete the Strongbox folder on iCloud did you? There's a FAQ on that here:
Thanks u/Aikido-girl!
Yes, so using a physical hardware key like a YubiKey is a Pro feature on both iOS and macOS. If you drop your Pro status, then I'm afraid yes, you'll lose the ability to use a physical hardware key with Strongbox.
However, the "Virtual Hardware Key" option is still available to all users and will get you out of any sort of emergency situation. You can read more about those here:
https://strongboxsafe.com/updates/virtual-hardware-keys/
Only on iOS at the moment, but they are also coming to macOS.
After installing, go to System Preferences --> Extensions, find "Password AutoFill" in the left list and enable "Strongbox".
In Strongbox, open your database, go to Database --> Database settings... and there, on the "AutoFill"-tab, enable AutoFill for that database and configure the other options to your likings.
Also make sure you've enabled "Username and Passwords" auto-fill in Safari Preferences.
Here's the official documentation about this: https://strongboxsafe.com/support/#reamaze#0#/kb/how-to-guide/how-to-autofill-on-macos
Strongbox (MacOS, iOS)
For years I've used KeePass & KeePassXC on Linux and Keepass2Android or KeePassDroid on Android. But I recommended Strongbox for the spouse for an iPhone & iPad and sync my password db to spouse's iCloud.
Die KeePass Apps haben schönere Generatoren. Diceware mit Auswahl der Wörterbücher. Anzeige der Passwörter als QR-Code. Benutzernamengenerator. Und eine bessere Yubikey Implementierung. Ich nutze Bitwarden und Strongbox parallel. Bis jetzt gefällt mir Strongbox besser
Strongbox for macOS didn't exist before, it started as an iOS app. Thanks for bringing this to my attention.
MacPass development is slow and has some annoyances. So even though I haven't tried Strongbox's macOS app yet I would recommend it instead, since the iOS app is so well made.
A bit of a late reply but have you considered the KeePass ecosystem and the Strongbox app? Costs about the same, offers the same features as Minimalist (although UI is a bit worse on the Mac) and because it is based on the KeePass ecosystem you can use it cross platform (via other apps that are compatible with the KeePass database; Strongbox is Apple devices only).
Yeah, I have heard of other reports of issues like this with SMB connections. Since you're using Synology you could use SFTP or WebDAV which are rock solid:
https://strongboxsafe.com/updates/syncing-with-synology-nas/
Hi there, yes it does. We use the same mechanism for storing all these important/critical secrets and you can read more about that here.
As to best practices, the answers will vary depending on your threat model and opinions vary on this. The fact that you're using a Password Manager at all is a big step up. Using a format like KeePass and managing where you store the database yourself is another leap.
You could do things like host the database yourself on an SFTP server/WebDAV server or just store it locally on device if you're concerned about some kind of government/hacker having access to your database. Add a Key File or YubiKey as a second factor. Each of these steps has trade-offs usually in terms of convenience. Using something like Face ID or a PIN Code as convenience unlock is also a risk, but usually the trade off is worth it for most people. But also, typing your master password in in view of any say security cameras is another (possibly worse) risk. There's a lot of factors here in terms of operational security...
Personally I use my own SFTP server and Face ID, I don't use a Key File or YubiKey. I feel this is a great level of security for myself. I'm not a dissident activist under mortal threat from a tyranical regime, or a whistleblower worried about the NSA though...
In short, it really depends on what your threat model is. Hope that helps.
Hey! Each browser has a different way of exporting passwords (you can usually find steps on how to do it on support pages of the specific browser).
Once exported, you can import them directly into the KeePass database, please check out the Import/Export section of our website - https://strongboxsafe.com/support/#reamaze#0#/kb/migration-and-import-slash-export
After that, you should be able to see them in Strongbox on iOS.
Ich nutze selbst kein iPhone, hab aber grade mal nachgesehen. Strongbox kann zumindest mit kdbx Dateien umgehen. Ist FOSS, letztes Update vor 3 Tagen.
https://apps.apple.com/us/app/strongbox-keepass-pwsafe/id897283731
There are a couple of ways that help/ameliorate this:
- Use the AutoFill Wormhole option
- Use Touch ID or Watch Unlock to speed things up
The Wormhole works if your database is already unlocked in the background. You can read more about that here:
https://strongboxsafe.com/updates/macos-big-sur-autofill/
Your second question is a popular one too, and we don't know of anyway to disable the Keychain prompts on MacOS without disabling the entire AutoFill feature. This just doesn't seem possible yet. You can do this on iOS but not on Mac so we're hoping Apple will fix this.
Hi, to get Safari AutoFill working on you iPhone just follow the instructions below:
https://strongboxsafe.com/support/#reamaze#0#/kb/faqs/how-do-i-use-autofill-on-ios
Should work well for you.
Do you know if they happen to offer an SDK or API for developers to access this? The last time I checked they didn't and I can't see anything on their site to indicate they do.
Without an API/SDK there's no way to integrate with them natively.
Alternatively, do they support WebDAV or SFTP? These can be used instead also by Strongbox, but I can't seem to see if they support these either.
Unfortunately, that only leaves one option, the iOS Files app, and it looks like their integration there is problematic :(
Sorry about that, perhaps you can raise this with them, ask them if they have any plans for an SDK/API or WebDAV/SFTP access.
It's the exact same feature wise as the regular Pro version you can upgrade to In-App, it's just that it works with Apple's Family Sharing program which requires an outright purchase, not an In App Purchase... See here. Hope that helps!
Hi, I don't believe it's possible to block apps from WiFi on iOS at the moment, though it is apparently possible to block cellular data...
There is an article on the possible network connections here:
I'm not sure why Apple haven't enabled this kind of blocking feature though. Seems like a nice to have for security conscious users.
Hi, this should work for you, Dropbox is pretty good in both "Files" and "Native" sync. You don't say which method you're using above. Did you add via the "Files" method?
One thing to check if you're using Files is this:
Otherwise check that your laptop Dropbox sync app actually fully syncs the changes to Dropbox before unlocking in Strongbox.
Strongbox doesn't support a KeeShare like feature, at least at the moment...
Have you seen the YubiKey Secret Workaround feature for YubiKey? This would allow you to open a YubiKey protected database on your iPad without using the actual YubiKey. That is something I know some people use to get around this sort of situation.
I'm not sure if that's suitable for you?
Hi there... There are quite a few ways to get your database onto your device so that it's a local only copy, rather than hosted/sync'ed to a cloud.
Remember, if you are using a local database, it is stored only on the device. Any loss of that device could then mean catastrophic data loss. Be sure to make regular backups.
There's a couple of handy FAQs here that might also be useful:
Hope that's helpful!
Hi u/cng2112 and u/stinger_5, Strongbox will connect over SFTP or WebDAV for you, without the need for any third party apps.
Disclaimer: I'm the author of Strongbox and I charge for Pro features, but the above will work in the free version straight out of the box from the App Store. Maybe give it a shot and see if it works for you? Hope that's helpful.
PS. u/cng2112 - It will also connect to Google Drive, OneDrive and Dropbox without the need for those third party apps to be installed.
Yes, dev here, that's definitely possible. In fact if you use the "YubiKey Secret Workaround" you can do this right now. But at the moment Strongbox works in 1 of 2 exclusive modes:
1) Use YubiKey Hardware device
2) Use YubiKey Secret Workaround
I guess it could be possible to implement a hybrid for Auto-Fill mode, i.e. use hardware in main app and use secret workaround in Auto-Fill but I'm not sure if many would want that to be honest...
You can read more about the workaround field here:
Strongbox dev here... Just came across this, thanks very much for the mention and really glad you like the app! It's a pity about the Yubikey situation (more on GitHub here). Really hoping Yubico can provide a usable API for this soon, we were kind of hoping it would come with the big 5Ci release but unfortunately CR HMACSHA1 isn't in their base API. Anyway, shoot me a mail/message here if you have any questions/comments about the app. Cheers! -Mark
Strongbox can do this for you. There's a link in the sidebar here or you can find it on the App Store here. It is also possible with KeePassium, and I'm not sure but maybe KyPass.
Disclaimer: Strongbox is my app and I charge for the Pro version, but the free version can and will always be able to do this for your business partner.
Hi there, thanks!
It sounds like you might be hitting the dreaded iOS AutoFill KeePass silent crash resource issue:
https://strongboxsafe.com/hrf_faq/strongbox-disappears-dies-sometimes-when-using-autofill/
Are you using Argon2 with a large memory setting, or is the database itself very large/contain a lot of entries?
I'm all for comparison, but let's be fair.
>Strongbox offers all the options free of charge
But it does not. After the trial period, Strongbox disables Touch ID, PIN unlock, and search. Free version of KeePassium does not expire (no trial period) and does not limit any of these features. But yes, it is limited to one database at a time.
>you mean free with the basic version and paid as subscription with the Premium version.
Yes. Just like Strongbox is free with basic version (without Touch ID and search), and has an optional premium tier. Strongbox Premium is available both as subscription and lifetime license, KeePassium is subscription-only (for the moment).
A few days in and I have no complaints with Strongbox. It’s great that Strongbox is also open source.
If I don’t encounter any issues in the next week or two during the demo, then supporting Strongbox is exactly what I’ll do. KyPass always gave me hesitation due to the closed source nature. This isn’t the first database corruption I’ve experienced with KyPass either.