Password management is essential to your digital security. In this segment of our portable EmComm Server build, we will be walking through how to install KeePass and setting up a database to host on our upcoming server build.
Why Use a Password Manager
One of my favorite memes of all time, and the message is a valid one. Passwords are an easy way to boost your security, but passwords are only as good as the weakest link (most likely you).
Passwords are the backbone of modern digital security, but weak or leaked passwords are all too common. Password managers allow you to make complex, unique passwords and passphrases without needing to memorize them all. Instead, all you need to remember is a single master password to access your complete password database.
KeePass is one application I keep on all of my devices, though I usually store my databases on Google Drive with SD card backups. This allows me to pull down my password database from any of my phones or computers and decrypt them locally.
Install & Configure KeePass
KeePass is my preferred password manager as it is easy to use and cross platform compatible. Installation is easy, just one line of code.
sudo apt install keepassxc
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Ut elit tellus, luctus nec ullamcorper mattis, pulvinar dapibus leo.
Using a Master Password
The easiest way to create a master password or passphrase is using KeePass itself. We will cover this in a bit more depth in the “Creating Entries” section of this article, but the process is fairly self explanatory. Simply open the password generation tool within KeePass, select whether you want a password or passphrase and any other qualifiers, and KeePass will output a high entropy password.
If you prefer a more manual approach, Diceware is another good option. Essentially, Diceware involves using a list of words that have each been assigned numbers and a few dice. When you roll the dice, you record the number and convert it into a word from the list. You can then repeat this to make a high entropy passphrase.
For more information on Diceware, check out https://diceware.dmuth.org/
Using a Key File
Optionally, you can also set up a key file. Key files are like physical keys where you don’t just need to have knowledge of the password, but physical possession of the file to unlock your database. This can be done instead of or alongside a password depending on the threat assessment you are operating under.
Creating Entries
With the database open, now we can create some entries. To begin, hit the plus icon in the lower right corner, then select “Add Entry”. From here you can fill out the information about the account it’s for and even customize the colors of the entry. But in my eyes, the coolest part is the password generator.
Clicking the dice icon beside the password field will bring up the password generation tool.
Conclusion
KeePass is a great cross platform tool for making stronger passwords and managing them effectively and I personally keep the software on all of my devices so that I can decrypt my remote entries across my devices. The KeePass software itself will not be hosted on the server, but the database will. This approach has flexibility and scalability in mind that allows clients to access these files, then decode them on their local device using a provided pass phrase and key file.
Stay tuned as in our next segment we start the build itself and don’t forget to check out our YouTube channel for more updates in a more concise format.