KeePassX: Keeping Your Passwords Safe
For a long time, my password tracking system was quite simplistic: hope I remembered the right passwords for each site or record them in an ordinary word-processor document. Such methods obviously have great flaws. I might have a hard time remembering a password for an infrequently used site, and a word-processor document isn't the most secure place to store passwords. Such a system also tends to promote either too-simplistic passwords or recycling the same password across Web sites (both being easier to remember). For these and other reasons, I decided using a password manager would make my digital life a lot easier.
A password manager is a program that stores passwords. The stored passwords usually are encrypted for security purposes. Password managers can be either desktop-based (the password data stored in an encrypted database file on a hard drive), portable (similar to the desktop version, but stored on a smartphone or similar device) or on-line (data stored in an encrypted form on a trusted third-party Web site). Besides the increased security (over writing down passwords on a piece of paper or within an unencrypted text document, or resorting to memory), password managers also allow for more complex (thus, harder to guess/break) passwords to be created and stored. After some research, I decided to use KeePassX as my password manager of choice.
KeePassX is a multiplatform, open-source password manager. Unlike some password managers, KeePassX is desktop-based, which has its advantages and disadvantages. However, KeePassX can be used along with an on-line storage system, such as Dropbox (I discuss how to do that later in this article).
KeePassX comes with various features, including the ability to import and export passwords, search functionality, organize passwords/user names within predefined categories and a secure password generator. KeePassX also comes with a limited AutoType feature, or the ability to enter user name and/or password information automatically on a Web page from an entry.
Password information is stored in an encrypted 256-bit database file, which is compatible with other platforms' versions of KeePassX (including KeePassDroid for Android smartphones, KeePass for Windows and so on). However, for compatibility, password files created by other versions must be stored in the older (version 1.x) format that KeePassX uses, versus the current (at the time of this writing) 2.x version, although work is being done to allow a future version of KeePassX to use the newer format.
Setup and Basic Usage
KeePassX is available in many repositories; thus, installation should follow standard procedures for your distro of choice.
Upon initial launch, KeePassX prompts the user to create a new database. As shown in Figure 1, the Set Master Key box will be displayed, asking one (by default) to create a master password for the database. You should choose a strong master password. An alternate option is to use a key file instead of or in addition to a password (more on key file usage later). For most of this article, however, I use only a master password for my examples.
Figure 1. The Set Master Key Box
After creating the password, the default main window (Figure 2) appears, displaying (in menus and a toolbar) most of KeePassX's features. The menus consist of File (importing and exporting database formats, saving changes to databases and so on); Entries (adding, deleting and making changes to entries, as well as copying entry information to the clipboard); Groups (organizing entry information into various categories); View (toolbar/entry information display settings); Extras (settings for KeePassX itself, as well as the password generator); and Help (links to KeePassX's Web site, FAQ list and so on).
Figure 2. The Main KeePassX Window
By default, two groups are created in a new database: Internet and Email. To create a new category, choose Groups→Add New Group, then enter the name of the new group in the Group Properties window that appears. You also can choose an icon for the new group from the pop-up menu. After finishing, select OK. The new category will appear in the left-hand pane.
To enter a new password and/or user name into KeePassX, select a category from the left-hand pane for the new password, then either select Entries→Add New Entry or choose Add New Entry from the toolbar. A New Entry window appears (Figure 3), allowing you to enter password and user name information, along with any other needed information. Additional information you can enter includes Title (a name for the entry); Username; Password; Repeat (enter the same password twice for verification); Comment (to enter comments about the entry); Expires (set an optional expiration date for the password); Attachment (attach a file to the entry); and Tools (a pop-up menu). A quality progress bar also is included under the password section, indicating the password's relative strength.
Figure 3. The New Entry Window for Entering New User Names and Passwords
The Tools pop-up menu contains two options:
AutoType: Customize sequence—customize the sequence of password/user name information entered into forms.
AutoType: Select target window—select which application or browser window to enter password/user name information.
For extra security, the password can be shown or hidden (displaying asterisks) by clicking the eye icon next to the password entry boxes.
|Android Candy: Copay—the Next-Generation Bitcoin Wallet||Sep 03, 2015|
|The True Internet of Things||Sep 02, 2015|
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
|Where's That Pesky Hidden Word?||Aug 28, 2015|
- Using tshark to Watch and Inspect Network Traffic
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- The True Internet of Things
- September 2015 Issue of Linux Journal: HOW-TOs
- Android Candy: Copay—the Next-Generation Bitcoin Wallet
- Firefox Security Exploit Targets Linux Users and Web Developers
- Where's That Pesky Hidden Word?
- Concerning Containers' Connections: on Docker Networking
- A Project to Guarantee Better Security for Open-Source Projects
- My Network Go-Bag