
How to use KeePassXC, the open-source password manager

Choosing, storing and managing passwords correctly is one of the most important aspects of digital security. The risk of data theft and of having your digital identity stolen is real. To reduce that risk, it is essential to avoid passwords that are short, easily guessable or not very complex (for example, ones that contain no numbers or symbols). Professionals and private users alike can consider KeePassXC, a cross-platform password manager distributed as open-source software under the GNU GPL license. KeePassXC is one of the best password management solutions available because, unlike the many cloud-based products, users retain full control over their data and know which security measures are in place to protect the information stored locally.

A community for security

Born as a derivative version of KeePass, KeePassXC shows many similarities with the original application. The main difference is that it can count on a community that is much more active in software development: a not insignificant plus point that translates into more frequent updates, bug fixes and the addition of many new features. The program allows the creation (locally) of a secure, encrypted database in which to collect stored passwords.

KeePassXC allows you to generate, open, and save databases in KDBX format that are compatible with the original KeePass software. The database can be used to save usernames and passwords as well as other kinds of personal and sensitive data, with the possibility of organizing them into groups. The integrated search engine also makes it possible to find the credentials of interest as quickly as possible.

Browser integration

KeePassXC includes a password generator that creates complex, secure passwords on request for use on your favourite websites. The program also lets you check whether the passwords you are using are still safe, by verifying that they have not ended up in the hands of cyber criminals as the result of an attack. The well-known and popular “Have I Been Pwned” service is used for this verification. The password manager integrates directly with major web browsers, such as Google Chrome, Mozilla Firefox, Microsoft Edge, Chromium, Vivaldi, Brave and even Tor Browser.
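A breach check of this kind does not need to send the password itself. The sketch below is an added example, not KeePassXC's code: it assumes the client uses Have I Been Pwned's Pwned Passwords range lookup, where only the first five characters of the password's SHA-1 hash leave the machine, and the response body is constructed inline so the example runs offline.

```python
import hashlib

def split_hash(password: str):
    """Return (prefix, suffix) of the upper-case SHA-1 hex digest.
    Only the 5-character prefix is ever sent to the service."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def breach_count(password: str, range_body: str) -> int:
    """Match the local suffix against the 'SUFFIX:COUNT' lines returned
    for the prefix. The comparison happens entirely on the client."""
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, _, count = line.strip().partition(":")
        if candidate.upper() == suffix:
            return int(count)
    return 0  # suffix not listed: not found in the breach corpus

def constructed_range_response(leaked_password: str, count: int) -> str:
    """Build a fake response body for the offline demo (constructed data,
    not real service output): two decoy suffixes around the real one."""
    _, suffix = split_hash(leaked_password)
    return "\r\n".join(["0" * 35 + ":3", f"{suffix}:{count}", "F" * 35 + ":12"])

if __name__ == "__main__":
    body = constructed_range_response("password", 42)
    for candidate in ("password", "correct horse battery staple"):
        prefix, _ = split_hash(candidate)
        print(f"prefix sent: {prefix}  times seen: {breach_count(candidate, body)}")
```

The service sees only the prefix, which many different hashes share, so it cannot tell which password was checked.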

KeePassXC also allows YubiKey and OnlyKey keys to be used as tokens for accessing password databases. It lets you choose between AES-256, Twofish and ChaCha20 encryption, can be managed from the command line as well as from the practical graphical interface, and can interface with software that establishes SSH connections, safely storing keys and their associated passphrases.


How to install it

During installation, KeePassXC asks (via the Autostart KeePassXC on login option) whether the program should open automatically each time you log in to Windows; the first time it starts, it asks whether it should always check for updates. At this point, you can choose whether to create a new database to store your passwords in or to import them from KeePass, from 1Password or from a CSV file, e.g. one exported from a browser (see: How to export and import Chrome passwords).


The process of creating a new database is very simple: you give it a name, choose the security options (including the time required to open the encrypted archive: the longer it takes, the greater the level of protection provided by KeePassXC) and set the password or the main keys that protect the contents of the database. In addition to the password, it is possible to protect the password database with a ‘key file’, which must be guarded carefully and which will always be needed to access the encrypted archive (keep a backup copy of the ‘key file’ in case it is damaged). As mentioned earlier, you can also protect the KeePassXC database with a YubiKey. Once you have stored the KDBX file (by default, the %userprofile% folder is offered), you can start saving all your credentials there.
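Why a longer opening time means more protection, as an added example that is not KeePassXC code: every password guess costs an attacker the same derivation work as a legitimate unlock. PBKDF2 from Python's standard library stands in for the database's real key-derivation function, and the way the password and key file are combined is a simplified assumption, not the KDBX format.

```python
import hashlib
import os
import time
from typing import Optional

def combine_secrets(password: str, key_file: Optional[bytes]) -> bytes:
    """Hash the password and (optionally) the key file into one secret.
    Simplified assumption for illustration, not the KDBX composite key."""
    outer = hashlib.sha256()
    outer.update(hashlib.sha256(password.encode("utf-8")).digest())
    if key_file is not None:
        outer.update(hashlib.sha256(key_file).digest())
    return outer.digest()

def derive_key(secret: bytes, salt: bytes, rounds: int) -> bytes:
    """Stretch the secret into a 32-byte key; PBKDF2 stands in for the real KDF."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, rounds)

def measure_rounds_per_second(probe_rounds: int = 50_000) -> float:
    """Benchmark this machine so a target delay can be turned into rounds."""
    start = time.perf_counter()
    derive_key(b"probe", b"\x00" * 16, probe_rounds)
    return probe_rounds / (time.perf_counter() - start)

def rounds_for_delay(target_seconds: float, rounds_per_second: float) -> int:
    """Work factor that makes one unlock (and one guess) take target_seconds."""
    return max(1, int(target_seconds * rounds_per_second))

def days_to_try(candidates: int, seconds_per_guess: float) -> float:
    """Worst-case time for one machine to try every candidate password."""
    return candidates * seconds_per_guess / 86_400

if __name__ == "__main__":
    salt = os.urandom(16)
    key_file = os.urandom(32)  # constructed key file contents
    rate = measure_rounds_per_second()
    for delay in (0.1, 1.0):
        rounds = rounds_for_delay(delay, rate)
        secret = combine_secrets("constructed-passphrase", key_file)
        key = derive_key(secret, salt, rounds)
        print(f"{delay}s unlock -> {rounds} rounds, key {key.hex()[:16]}..., "
              f"10^6 guesses take {days_to_try(10**6, delay):.1f} days")
```

Without the key file the derived key is different, so a stolen database and a guessed password are still not enough to open it.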

To access the KDBX databases from Android and iOS, you must share a folder on the local network or connect to the same resource remotely via a VPN connection. In both cases, you can use any mobile app that supports the SMB protocol. Alternatively, you can share the KDBX password file via a cloud storage service such as Google Drive, Microsoft OneDrive or Dropbox. You can also store the file within an encrypted volume with Cryptomator, which is available for Windows, Linux, macOS, Android and iOS.

Antonino Caffo has been involved in journalism, particularly technology, for fifteen years. He is interested in topics related to the world of IT security but also consumer electronics. Antonino writes for the most important Italian generalist and trade publications. You can see him, sometimes, on television explaining how technology works, which is not as trivial for everyone as it seems.