Username And Password: Safely Saved And Synchronized Between Multiple Devices
A few simple ideas for creating a secure username and password archive, shared between multiple devices and accessible online, even remotely. Password management and their storage on a secure medium are essential to prevent unauthorized users or cybercriminals from using them to steal the identity of others, steal confidential data and cause damage of various kinds.
We have seen how a computer attack arises and how the correct conservation of username and password is essential to prevent aggression in both the professional and private spheres. We’ve already seen how easy it is to find passwords saved on a Windows PC and how insecure web browsers are for storing your login credentials .
Those “allergic” to cloud password management services can opt for professional solutions such as Psono, which allow you to safely save usernames and passwords and possibly share this information with company collaborators. However, even more famous is KeePass, free and open-source software that offers itself as a secure and “attack-proof” password manager. It is based on more than just the operating system’s security measures.
Still, it implements secure cryptographic algorithms that do not allow the content of protected username and password archives to be traced without having the correct master “password.” An almost incalculable number of forks or derivative projects have originated from KeePass, which have simplified the memorization of usernames and passwords on Windows, Linux, macOS, Android and iOS mobile devices.
Create A Shared And Synchronized Username And Password Archive
There are many ways to access an archive of usernames and passwords. A good solution may be to use a cloud storage service such as Google Drive, OneDrive, Dropbox, or iCloud, private cloud platforms such as Nextcloud, ownCloud and so on. All user devices can access stored usernames and passwords from a KeePass-compatible client.
Data is saved to the cloud in pre-encrypted form using keys generated locally on individual devices. In our article, let’s assume you are using KeePass on Windows, Linux, and macOS machines and KeePassX for Android. Both open-source products allow the management of long lists of usernames and passwords.
To start using the first software, you can consult the guide on KeePassXC, which has recently been enriched with new security functions such as Windows Hello, Touch ID and Apple Watch support. To keep things simple, both KeePassXC and KeePassDX do not handle authentication with cloud storage platforms themselves: this is a prudent choice on the part of the developers.
In Windows or macOS, download Google Drive and install the client: it will create a virtual identification letter through which you can access the contents of the Drive storage.
As can be seen in the example in the figure, by accessing the Google Drive client preferences and then clicking on the icon depicting a gear, in this case, the G: Drive is used. In our case, we downloaded KeePass portable by extracting its content in the C:\KeePass folder.
By double-clicking on the KeePassXC.exe executable, you can click on Create a new database and then specify your preferences. For example, you can indicate the preferred cryptographic algorithm (we suggest leaving the default settings unchanged) and, if anything, increase the “decryption time” a little.
The last step is to define a “strong” password, long and complex enough, then add extra protection, such as a critical file or a FIDO2 YubiKey or OnlyKey key. For example, by clicking on Add key file, you can generate a file for unlocking the protected archive, which must be kept in multiple copies away from Google Drive or the storage service used to keep your username and password.
With a click on Database, Save a database as you can save the password file, for example, in Google Drive. In our case, within the Save database as a window of KeePassXC, you can select the virtual unit G to save the archive with usernames and passwords on the Google cloud.
By default, the key file is stored with the .keyx extension, while the database containing the username and password is stored as a .kdbx file. The more “distrustful” can state “chronicle name. next” (counting twofold quotes) in the Save data set as a window so as not to make it clear from the beginning that the data set saved money on Google Drive or some other distributed storage administration is a KeePass data set containing delicate scrambled information.
KeePass username and password databases support native synchronization of information: thus, it is possible to access the same database from multiple devices simultaneously.
Installing KeePassX on your Android smartphone or tablet allows you to access the credential database stored on Google Drive or saved on other storage services.
Just copy the .keys key file previously generated on the desktop to your smartphone, then tap Open an existing database at the bottom of the application’s main screen. From here, it is sufficient to select, for example, Drive, touch My Drive and finally select the archive name. my text file previously uploaded to Google cloud storage.
By typing the master password previously set on the archive and then specifying the position of the critical file ( .keyx ), it will be possible to interact with the credential database from a mobile device: the changes will be updated and synchronized. The alternative to using the cloud for password database storage is to save the latter, for example, on a local NAS and then access it remotely using an IPSec, OpenVPN or WireGuard L2TP VPN server: we have talked about it in many of our articles.