Internet privacy and security course
About translation
Previous Next

Chapter 40

KeePassXС. Setting up a password manager for macOS.

KeePassXС is a cross-platform fork KeePassX, recommended by us for macOS and Linux users. The program has open source code, and, unlike the parent program KeePassX, this project is actively supported by a group of developers.

KeePassXС works in the same way as KeePass, i.e. you create secure storage where you save passwords. Passwords can be sorted into groups and subgroups, there is also a convenient interface for strong passwords generation.

KeePassXС works in the same way as KeePass, i.e. you create secure storage where you save passwords. Passwords can be sorted into groups and subgroups, there is also a convenient interface for strong passwords generation.

The first thing you should do is to download and install KeePassXС. Like any other program, KeePassXС should be downloaded from the official site.

Creating a secure storage for passwords

After being launched, the main program window will open. First of all, we need to create a new database where passwords will be stored.

The system will offer to create a password to the database, with which you can always extract passwords from it on any device that supports KeePassXС. This should be a strong password (from 20 characters, including numbers and symbols), which will be stored only in your memory.

I support using a bunch of password and key file wherever it is possible, and therefore I recommend that you use a key file along with a strong password.

 

Tip

Be sure to use the key file as an additional security tool.

After creating the database, move to the second step, which is creating password groups. Groups are needed for easy password sorting, for example, I have the following groups: email, forums and websites, messengers and VOIP, social networks, admin panels, domains, project management, hosting, etc.

By clicking on any group, you will see the menu for managing groups and subgroups.

Adding a password to KeePassXC

So, we created a database, we created groups in it, now it's time to fill them with passwords.

Select Add new entry.

The name is a convenient identification for you of the created entry.

The username is what we get used to calling the login, it, like the password, will be hidden, it is recommended to add it for comfortable copying.

The password is the password itself.

Address is a link to the site which this password is created for, if it is a password for the site.

Expires is a date when the password expires. Contrary to common beliefs, when the term expires, the password will not be deleted, but only the entry will be crossed out to remind you of the need to change it. We strongly recommend changing passwords every six months.

Notes are all you wish to record for yourself.

KeePassXС has a great solution for creating a strong password, which is a built-in password generator. At the Password line, click on the button of the password generator again. I recommend not to invent passwords by yourself, but to entrust this process to the generator embedded in the program, it will help to create a reliable password.

The program does not initially offer reliable password generation settings, so instead of 16 characters, select 30-50 characters by default. All basic types of characters should be included in the password: uppercase and lowercase letters, numbers and special characters.

Before adding a password, I would like to draw your attention to one of the items, namely, the item Expires. I hope you made it a rule to change passwords regularly, and KeePassXC password manager can help you with this. When creating a password, select Expire, and then select a preset for 6 months.

 

Tip

Set the password manager in KeePassXC the change of the password.

After the specified period, the system will notify you about the need to change the password.

Opening a saved database and using KeePassXC

When launching KeePassXC Password Manager on macOS, you will need to select Open Database, specify the path to the saved database, then enter the correct password and provide access to the key file.

To use the saved password, click on the desired entry with the right mouse button.

If this is a site, then simply click Open Address and go to the URL saved in the entry. If the site opens in Safari, and you want to open the link in another browser, then select Copy attribute to clipboard> Address and paste the copied data into the address bar of the desired browser. Then we copy one by one into the clipboard the name (login) - Copy the username and password - Copy the password, paste them into the authorization form.

Separate interest is automatic input. You place the cursor on the required site in the login field, then in the menu choose “Make Autoinput”. I don't use it, but you might like it.

Data protection when using KeePassXС

Now let's talk about one of the most important buttons in the program – block password repository button.

Immediately after using the program, you must block the repository with the passwords. Otherwise, anyone who has access to the computer can access all your passwords.

Unfortunately, some people think that it is necessary to unblock the repository and then keep it unlocked all the time, and this is the idea of ​​the password manager, however, this is a delusion. The idea of ​​a password manager is that you have one strong password that you can keep in your head, and it gives you access to other strong passwords. One reliable password is incomparably easier to remember than a few dozen.

Before you begin using KeePassXC permanently, you should set up the security of the application, namely, set the automatic blocking of the password database if you do not use the computer for a while.

To do this, go to the main menu of the KeePassXС program and select Tools> Settings.

In the settings, open the Securitytab and select Block Repository after inactive for 60 seconds.

 

Tip

Configure automatic blocking of the database with passwords in case of inactivity.

I recommend clearing the clipboard at 10 second level, as this means that the copied password will be deleted from your clipboard after 10 seconds. A useful option that should never be turned off.

Previous
3756
Next