🔐 KeePassXC 🔐 - A Secure and Feature Rich OFFLINE Password Manager
Vložit
- čas přidán 21. 02. 2020
- In this video I teach you about password managers, specifically KeePassXC. You can use 2 or even 3 factor authentication with KeePassXC. It started as a community fork of KeePassX. It is built using Qt5 libraries, making it a multi-platform application which can be run on Linux, Windows, and macOS. KeePassXC uses the KeePass 2.x password database format as the native format, its written in C++ and uses the GNU General Public License.
Subscribe to my CZcams channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. ₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB - Věda a technologie
You are best! I'm Russian and I couldn't find anything about keyfile in my native language but your video helped me to understand everything. Thank you very much!!!
How you doing now?
Занимательная геополитика 🤡
zdrastvuyte
Passphrases are useful for entries where you MIGHT need to occasionally access them on another computer, and won't have your password manager installed. So going to the library, for instance, I can go onto gmail, pull out my phone, and look at my entry, which will give me an easy-to-type passphrase rather than a complex mess to try and type in. It IS less secure, though, so keep that in mind.
You just have to use the appropriate phrase length for level security you need.
Another method is to have your password database (.kdbx) in a USB drive, along with portable versions of KeePassXC (either the Windows 'standalone' exe or the Linux AppImage) and your keyfile (if you use one). Voila! Only problem is, if you're using a campus or office computer or something similar and you are blocked from executing files (maybe you don't know the password for the UAC), it's a no-go.
Passwords that I think I might have to share with other people (say, Wi-Fi) or type manually into another machine, I like to keep fairly human readable.
this is precisely why offline pw manager is a fail concept. its entirely inpractical.
@@dex4sure361 No. The occasional annoyance (probably once every 6 months) doesn't invalidate the security of an offline PW manager. You would have the same problem with an online one anyway, you'd have to log-on to lastpass or whatever on a public computer to get the password, which is just as impractical.
I think it's about time that I replace pass, managing and protecting gpg keys is getting really confusing. Nice video btw.
My last name is Snowden but hackers still don't care about my passwords. Probably because my first name is not Edward.
True
I couldn't believe anyone and ended up making my own password manager using java.
It's literally open-source lol; if you have the development know-how, why not just inspect and compile the code given rather than writing your own?
p@jeet
@@egarcia1360fuck open source they also not secure
@@egarcia1360bros spooked
Great piece of software! thank you!
hi. are you still use it and do you think the plugins for it are safe to use? are other offline passwords managers to choose? thanks for the video
Have you tried a hardware wallet as a password manager? I think both ledger and trezor have the feature
Doe it safe to use, taking into account that It has not independent security audit???
Awesome video
Hey Quick Question, Am I a complete idiot if I store my actual Password file on my cloud? the only reason I did it in the first place, is so I can have a way to access it on my phone when i need. As Long as my password is long and random, I should be ok right? The Hacker would have to hack my google account, and then download the file, and then basically brute force the attack on a downloaded KeyPassXC on their computer? Is this a scenario where I should use a Key File? Basically, just have the keyfile on an external harddrive or USB for when Im at home on my computer, and then also transfer this keyfile to my phone via USB (so that it never gets into the wild) that way, even if my gmail was hacked, that Keyfile is unavailable. What do you think?
I keep my database backed up on google drive as well, you're correct that in order for a hacker to access it they would have to first comprise the google account and then brute force the password that locks it. I also keep a copy of my keyfile in the cloud, but its inside an encrypted zip folder protected with another strong password. It sounds like your setup is already very secure, but it wouldn't hurt to add a keyfile.
Oh yeah, how do you make this cross-device flexible or whatever? What if the only thing I have is my phone? Chrome pwords helps with that.
Saw an android app mentioned in other thread. I guess that works...
Don't forget to encrypt your password file using GPG!
@@collapse_aesthetics KeepassXC works on all desktop platforms, and as long as you're doing nothing to fancy, Keepass2Android should support a database from the former. It can also do some fancy stuff like pulling/pushign your dbfile directly from/to nextcloud without needing a separate syncing solution.
I generally prefer your solutions to DistroTube but this time, why not use pass?
Keepassdx for android👍🏼
You know what's better than 2 factor? 3 factor
I have been using 1Password for many years now. Recently, it has become very annoying. First, it keeps bugging me to buy a subscription and second, I find the new features and behaviours very annoying. Do you think KeePass XC would be a good replacement? About this video, you have made a very nice and extensive video but it would be a bit difficult to understand for a user who is not an advanced computer user.
Its pretty easy to use
1Password is probably better for normies. But that doesn’t mean you shouldn’t try out keepassxc.
Maybe it should integrate with a browser plugin (but stay offline still) to autofill passwords?
For KeePassXC browser integration is already supported.
there is already a browser plugin for keepassxc in chromium/firefox webstores, it integrates with the app offline for autofilling
What If I wanna use the password stored in keepass in my PC on my mobile? Should I see from my PC and type it in my phone to login?
After seeing this video, I was thinking that could be possible to store your key file in a hidden partition in your pen drive, and then do some backup of it in the cloud in case the USB drive is damaged, and then never store your key file into your computer.
No that could compromise your private key.but you can backup your password store aka database
To be exact don't upload it to cloud. But keeping it in a usb is a good idea
how obvious would it be if an 8gig usb has 7 gigs of storage when empty lol not that big of a worry but still
@@ghaspghasping5526 I don't think it would take nearly that much space to store the keyfile based on what he showed in the video, and it's pretty normal for USB drives to come with a little less space than listed for formatting or whatever.
The more complicated the system of security, the easier it is for you to lose everything
can this be? a pre-waifu thumbnail from Mental Outlaw?
thankies
but aren't the passwords stored in pass. managers encrypted? even if they got hacked they wouldn't actually leaked your credentials? or am I missing something?
kdbx files are encrypted. if you leak it, if you have a strong master password they can't open your database
Yeah he kinda glossed over that as if they'd actually be stored as plain text....
the advantage of this is, it removes most of the risk of hackers being able to get them at all. The best way to prevent them from stealing your passwords is if they can't even get at them (encrypted or not) in the first place. Ofc, the encryption for most pass managers is plenty good enough to store on the cloud, the problem is they might mess up the encyrption, letting them get to your passwords. while they could mess it up on keypass as well, since it's offline it doesn't matter as much. 2 layers of security in case one fails 🙂
the thing is, hackers would have more motivation to crack a leaked database of an online pass manager because there are millions of users there and that data could be very valuable. meanwhile if they get their hands on your file it will only compromise your data which won't be worth even a penny. he actually said that in the video
It'd be nice if we had all our passwords on the blockchain so they could be accessible from anywhere
What about your phone? You'll also need those account details on the phone. But I assume this wouldn't be safe as you have to use some online service to sync your phone and computer, nevertheless carry your phone around with all of your passwords in it.
theres password managers on the appstore that support kdbx files
the online service won't know your password
Random security tangent: Is there any way for a mobile to use _both_ biometrics and pin / passphrase for accessing one's own handset?
Probably, but I wouldnt count on any handset manufacturer to support it. I'm sure it's possile with some sort of custom lockscreen.
What if the biometric becomes unavailable? The point of a pin is in case your biometric cannot be accessed. (Cut on finger, etc)
@@phizlip there would be two pins - a fallback pin for the fingerprint, and the primary pin. Also, it's good practice to have multiple biosignatures for such an unfortunate case.
@@bluephreakr Worse case scenario of losing a finger or fingerprint scanner is broken somehow you can at least pin in.
theres also something called pen and paper technology with manual cold storage
can be easily read by anyone who has eyes and unique skill of reading.
( not to be rude ;) )
@@wearefromserbia9714 im also not a fan of WRITING every single thing down onto a piece of of paper then having that paper lying around when i could just used an OPEN SOURCE PASS WORD MANAGER.
nice video :) is it possible to move my keepass data to an usb stick when i reinstall my windows on the computer or do i need to make a new one?
Just move the file over to a usb stick you can also put it in the cloud and it will sync to all your devices
This is so based.
So is keepassxc and strongbox (Iphone user) can be used interchangeably ?
i am not ios user but probably
so with a really long passphrase it's ok.... most of the time it is the keyboard set himself to qwerty so it can be a long typing time. maybe using an old PC just fore socialling is annuf to be "safe".
@Zero azerty/qwerty when long pass...can be long...
@Zero there is no equivalent in USA where qwerty is the norm, wile in France we azerty so to say...
@Zero mais je peut lire le Français...... et te répondre en Français ci tu préfère? aller, a plus.
what if i write a word on a paper and use a hash sum of it as the master password
That's for sure would be impossible to crack both with a brute force and a dictionary attack!... until you state that to everyone else on the internet. From that point on it's just one more hash to run for each password
But what you can do, is to hash a hash digest multiple times. Probably also take a slice of that digest along the way. That would introduce quite a bit of randomness and might be a very strong password! (just be sure not to leave your hash in shell history or browser history when you are generating it)
Oh boy, the Is this uptalk accent?
Is this a good password manager for a beginner?
yes
Not really anything complicated about them in general
bitwarden
What happens if I reset my computer(or I get hacked by ransomware) What happens to all my passwords stored locally?
You lost them, so make backups on usb keys.
you lose them. which is why you should make backups.
So access to your clipboard gives anyone access to your password? doesnt sound so safe to me
1) it automatically clears the clipboard after like 10 seconds
2) you can use browser autofill plugin to avoid copying passwords at all
My guy
There should be a mobile version for this. Does anyone know similar program but for mobile android?
bitwarden
KeePassDX in Google Play is quite a nice mobile version
KeePassDX (based on KeePass just like KeePassXC)
Good luck typing your gibberish passwords for Office 365 or gmail accounts on your phone😎
3:45 Yubi key? 🦴
No.
lol
This sounds ideal to me, however, i'm a self confessed cybertard and this tutorial went over my head like a fighter jet. If anyone should read this, please would you mind pointing me in the direction of a KeePassXC guide for idiot non-techies? Thank you in advance.
Is there an ios app that allow keepassxc to be used on an iPhone?
KeePassium
Do you still need this if you use Opera password manager or a similar browser-integrated tool?
It's rather a choice of which one you want to use. The password manager in your browser is most likely storing them in a cloud, whereas this solution is offline.
"in your repository"? You mean other than Microsoft's Github?
you can use GitLab if you trust them more
@@ralesarcevic thx...CIA funds them so... IDK, you?
@@SmedleyButler1 funding and owning are two different things but I can see what you're saying, however, Microsoft could potentially shutdown GitHub, while CIA can only stop funding GitLab which could be fixed by donations of some sorts.
If you really don't wanna have any of those issues just make your own git server
@@ralesarcevicthx for the ideas.... Mostly playing devil's advocate to see what you all think..., I just recall Billy's antitrust history and things like sourceforge injecting adware years ago...
Is this still good? and do you use it yourself?
i think best alternative of bitwarden is keepassxc
Is there an android equivalent?
Yes, look up Keepass2Android on the Playstore
KeePassDX
Does KeepassXC have an Android fork?
yes
KeePassDX
So it's really only useful for the vanishingly small group of people that do everything from one device. I guess it could be used across a LAN. But I definitely can't see my wife opening this to copy/paste her credentials every time she wants to visit some site. That's the advantage of the online services, they follow you wherever you happen to be.
True
@Sertonix or not? i use a usb drive to store my database on it and i can use it on any device with ease
Well, yeah. It's extremely useful for the "vanishingly small group of people" who are sensible enough to use a PC for their daily use and only use their mobile phone to make calls and texts messages.
@Sprite Frog 0 Sensible? Congratulations for turning a simple comment into a moral crusade. There are more "devices" than just phones. My wife and I both have laptops. Running keypass across a LAN is non-trivial.
Also, a great many people don't have the option of being "sensible". Some of us work in fields which make smart phones almost essential.
Exactly, this is basically only for use on a single LAN. Also his anti pass phrase stance is ridiculous.
why wont you want to not just keep it in a notepad?
Notepad on that device? If someone gets access to that device then say bye bye to your accounts
@@alexanderjackson7815 why would they even get access to the device? i can just put a password on the notepad file itself.
@@mombanger2835 and that's basically what keepassxc does. it encrypts your passwords with the master password.
@@bettercalldelta i will just write in an actual notebook then.
How about bitwarden?...
Bitwarden is a good option if you want a cloud base password manager.
@@fayojixe9925 I don't think bitwarden is a cloud based password manager
@@reveluv8851 Bitwarden is by default cloud based but you can self host.
@@fayojixe9925 at least from what I rember it stores passwords locally
@@fayojixe9925 also it's possible to get sync without cloud computers
Where can i save my master password?
In your head
@@timecode37 how hard it is to save a randomize password in my head?
@@carlosch8405 it depends on how long it is, if it's less than 20 characters you are able to remember it if you use it often, which you probably will as it's your master password. Otherwise write it down on a piece of paper or something. Sure it sacrifices convenience, but imo that's worth it. I'm assuming that the password can be typed on your regular keyboard, so you couldn't have extended ascii but even then you could still have a fairly safe password
@@timecode37 ok, i would try it that way
@@carlosch8405 Don't store it in your head. That has a notoriously high failure rate. You're always one hit on the head away from losing access to your passwords. Not to mention any other medical conditions which affect your memory. Unless you believe someone in your own house is going to try to gain access to your passwords just write it on a piece of paper in a notebook and put it on a bookshelf. That's much better than relying on your brain. The whole point of these password managers is so we don't have to remember these long complex passwords and can store a lot of them for each website. You want to take the most important one and store it in your head? Don't do that lol.
wervice
No mobile no go.
it has android ios symbian ports
keepassdx
KeePassDX
KeePassium if ios
keepass xc breaks ALLLL the f*ckn time bruh
This guy, while not technically wrong, misses so many points that the average person can find useful. For example he makes online cloud password management companies sound risky, and they are, unless they don't store your data in clear text or use reversible encryption. Companies such as BitWarden never have the ability to decrypt your passwords. Even if they get hacked (which so far they have not). Also pass phrases might be more risky than gibberish but not by much. There is a fine line between security and usability. Using a passphrase plus a number or special character here and there thwarts a straight dictionary attack. Also you didnt mention you can use the database shared on your LAN so you and your spouse could share your passwords together. This videos gets so much right and so much wrong at the same time. 😊
So how is this offline if it's on your computer?
read that again
man u r drunk
bro...
it's on your computer, but it's not connected to the internet. Your passwords are saved on your computer, not on the cloud
because it's not downloaded from the internet, the file is on your computer. turn off wifi and notice that you still can use keepassxc.