Secure your passwords and personal data with KeePassX
AutoType
Autofill is the forte of web browsers. Almost all mainstream browsers now offer to store the user ID and password. However, with information theft on the rise, many users want to avoid saving login details to browsers. KeePassX offers an autotype feature that lets you easily fill the login details for a website. This feature is currently available only in the Linux version of KeePassX.
To use the autotype feature, first open the login page (e.g., your email login page); then, open KeePassX and go to the entry corresponding to this email account. Right-click the entry and click Perform AutoType (Figure 6). Login details are automatically fed to the login page – without the browser getting to know a thing! To configure the AutoType process, click on the Tools button on the bottom left corner of a New Entry dialog (refer to Figure 4).
AutoType is a great feature, but it is available on Linux only. Other users can still copy and paste passwords and user IDs from the KeePassX window, just as you can. Data copied onto the clipboard is automatically wiped off in a few seconds. (You can configure the time the data will remain on the clipboard before it is cleared.)
The KeePassX window has separate buttons to copy the user ID (user icon) and password (key icon). (The second and third buttons from right on the top menubar.) If you want to change the duration after which the clipboard is cleared, go to Extras | Settings | Security and change the number of seconds.
Locking the Workspace
You are away from your desk for a few seconds, but you leave the screen unlocked. Those few seconds are all it takes for a social engineer to get the data. The effect of such an attack is more severe if the attacker gets access to your KeePassX window.
KeePassX allows you to lock your workspace with a single click by just clicking the rightmost icon on the top menubar (the padlock). To set the idle time before KeePassX automatically locks itself, go to Extras | Settings | Security. You can also set the option to lock KeePassX if you just minimize the window.
Using ownCloud
You can save the KeePassX database file anywhere, move it, or even email it as an attachment. This freedom opens a lot of new avenues for innovative use cases – the most obvious being a multiple-system environment.
Users today don't have just one device: A single user often has a personal laptop, the office laptop, a tablet, and a mobile phone – or sometimes more than one. Although KeePassX is a desktop application (there is no way to access it via another device), you can use the KeePassX database file to make the passwords available across platforms. Any file-sharing application, such as iCloud, Google Drive, or Dropbox, can help you transfer the KeePassX database file to other systems.
Why not do this the open source way? The free ownCloud tool is a great way to set up your own file-sharing cloud. You can set up a private installation of ownCloud to make the KeePassX database available on all your devices: You don't need a third-party server. Install ownCloud on your home PC and access it via the LAN/WiFi from other devices.
After downloading ownCloud from the website [4], installation is very easy. (See the installation instructions online [5] or refer to the user manual for more on operating ownCloud [6].) You just need a web server running on your computer. You can then drop the ownCloud folder to the web server's root directory. Access the folder via your browser and set up the admin user, and you are ready to roll.
After you log in successfully, you can add another layer of security by enabling ownCloud encryption. To do so, click on the drop-down menu on the far right and go to the Apps page. Scroll down to select the Encryption plugin, enable it, log out, and log in again to generate the encryption keys. Upload the KeePassX file to ownCloud.
To make sure your ownCloud is available throughout your local network; you need to edit the config.php
file in the owncloud/config
folder. Open the file, go to the trusted_domains
section, and add the IP address of the system hosting ownCloud. Now you can access your ownCloud from other network devices. If you log in from another device, you will see that the KeePassX file is available on your LAN (Figure 7). Install KeePassX on your mobile device, and open the database file (Figure 8). All your passwords are now available on your mobile devices.
Since the network you are using is your home network, and it is possible you will make changes to the KeePassX file when you are not on the home network, be sure the file is synced before you use it on other devices, or you might end up with several version of the same file.
Encryption Algorithms
KeePassX uses two of the most secure encryption algorithms available today: AES and the Two Fish algorithm.
AES is a symmetric-key cipher, meaning the same key is used for the encryption and decryption of the data. It is a block cipher, with block size fixed at 128 bits (i.e., it operates on chunks of 128 bits of data). The key size used for an AES cipher can be 128, 192, or 256 bits. Check out AES encryption process with the flash animation available online [2].
Two Fish algorithm was one of the five finalists during the AES selection process. Although Two Fish was not selected because of performance concerns, it offers similar or even better security than the Rijndael algorithm that was eventually chosen for AES. Two Fish is also a symmetric key algorithm, with block size of 128 bits and key size ranges from 128 to 256 bits. The Two Fish algorithm is not patented, and the implementation is available for download [3].
Infos
- KeePassX homepage: http://www.keepassx.org/
- AES encryption video: http://www.formaestudio.com/rijndaelinspector/archivos/Rijndael_Animation_v4_eng.swf
- Two Fish encryption: https://www.schneier.com/twofish.html
- ownCloud homepage: http://owncloud.org/
- Installing ownCloud https://owncloud.org/install/
- ownCloud user manual: http://doc.owncloud.org/server/8.0/user_manual/
« Previous 1 2
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.