
I am new to using KeePassX - any simple walkthroughs you recommend?

I want to safely store all the scattered passwords I've got on scraps of paper and in my Apple Notes, once and for all in a truly secure and safe way. On my 100% pure Linux laptop, on KeePass, but is there a better software for password storage? KeePassX looks pretty perfect from all I can tell from the reviews, websites I've looked up, and the app itself. There are some things I am not used to, and it is a bit overwhelming as I have not used something like this before, any suggestions are more than welcome! (PS: I will be sure to read https://www.linux.org/threads/in-de...fa-totp-with-keepassxc-aegis-and-authy.36577/ tomorrow! Tonight I did not even notice the article I am so sleep deprived haha)
 


Stellaris

KeePassXC is a fork of Official Project KeePass.
Use a long passphrase and, if you are extra paranoid, create a key file too.
When opening the password database, you need both the passphrase and the key file. This process is equivalent to taking money from an ATM. You need both the PIN number and the debit card.
If you lose one of them, you have to say goodbye to your passwords.
Passphrases can be brute forced, but that depends on the characters you used to create the passphrase and the length of characters.
 

Condobloke

Just fyi....

In short -- if the password consists of randomly generated lowercase letters, then no, the 3-word passphrase would most likely not be more secure. For the 3-word passphrase to have comparable entropy to a 12-character lowercase password, the 3 words would have to be randomly selected from a list of almost a half-million words (and I do mean completely randomly selected, not cherry-picked).

If you're using Bitwarden's passphrase generator, which only has 7776 words, then you would need 5 words to match the strength of a 12-13 character password, and 6 words to match the security of a 16-letter password.

I know you are not using bitwarden....but the numbers still hold true.

maybe worth a read:
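
The word counts quoted in the post above can be reproduced with exact integer arithmetic. This is an added example, not part of the original post; it assumes a 26-letter lowercase alphabet and uniformly random selection, and the function names are illustrative.

```python
import math
import secrets

LOWERCASE = 26          # alphabet size for a lowercase-only password (assumption)
DICEWARE_SIZE = 7776    # word-list size quoted in the post above

def entropy_bits(symbols: int, choices: int) -> float:
    """Entropy of `symbols` independent uniform picks from `choices` options."""
    return symbols * math.log2(choices)

def words_needed(pw_len: int, alphabet: int, wordlist_size: int) -> int:
    """Fewest random words whose search space covers a random password's."""
    target = alphabet ** pw_len          # exact integer, no float rounding
    words = 1
    while wordlist_size ** words < target:
        words += 1
    return words

def wordlist_size_needed(pw_len: int, alphabet: int, words: int) -> int:
    """Smallest word list so that `words` random words match the password."""
    target = alphabet ** pw_len
    lo, hi = 1, target
    while lo < hi:                       # binary search for the integer root
        mid = (lo + hi) // 2
        if mid ** words >= target:
            hi = mid
        else:
            lo = mid + 1
    return lo

def generate_passphrase(wordlist: list, words: int, sep: str = "-") -> str:
    """Pick words with the OS CSPRNG; never hand-pick or reorder them."""
    return sep.join(secrets.choice(wordlist) for _ in range(words))

if __name__ == "__main__":
    # Constructed demo list; a real list would have thousands of entries.
    demo_list = ["anchor", "breeze", "copper", "drift",
                 "ember", "fjord", "glint", "harbor"]
    print("list size for 3 words vs 12 letters:",
          wordlist_size_needed(12, LOWERCASE, 3))
    for n in (12, 13, 16):
        print(n, "letters:", round(entropy_bits(n, LOWERCASE), 1), "bits,",
              words_needed(n, LOWERCASE, DICEWARE_SIZE), "words")
    print(generate_passphrase(demo_list, 5),
          round(entropy_bits(5, len(demo_list)), 1), "bits")
```

The entropy figures only hold when every word or character is drawn at random; a phrase chosen by a person has far less.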
 

Condobloke

fwiw....I use bitwarden. I elect to use upwards of 16 lowercase/uppercase/numbers/special characters. In many cases I use 21 or more.
I like to think I have made myself very unattractive to anyone nefarious enough to wish to look at my business.

I have no interest in remembering any of them.
 

Condobloke

On the lighter side..
2023-01-28_17-55.png

 

wizardfromoz

Actually Gent, @CataclysmicGentleman while I think of it, on basic security - when using Fedora, firewalld is enabled by default.

However, on Mint, Ubuntu and so on, the firewall is not enabled by default.

They use ufw (the Uncomplicated FireWall) and you need to enter at Terminal

Code:
sudo ufw enable

You can install firewalld on them also, if you wish, instead.

Wizard
 
OP
CataclysmicGentleman
@wizardfromoz good to know!
I actually was looking into UFW just yesterday on my mint laptop.

@Everyone else
Thank you for the advice, suggestions, and the funny joke haha..
Yes, I always thought about how we often make passwords that we can never recall, yet computers can easily figure out.
I have created a new way of making passwords that I do not forget yet are hard to guess.
But I can't tell you on public forums, the AI overlords are always watching! XD
 

sphen

(Image of password security chart. See above.)

Me I use a minimum of 16 digits combining upper & lower case letters, numbers and symbols
The chart in @Lord Boltar's post above is over two years old, possibly older. Keep in mind that password charts and password quality measurement tools remain the same once they are published. ... and republished ... and republished...

-> In security, nothing gets more secure with age. (... Alright, I will make an exception for documents and stuff that decay or self-destruct.)

Look at the password quality measurement that you see in a lot of Linux installers, like the latest versions of Ubuntu, for example. The Ubuntu installer is "generous" in assessing password quality, mostly because it has not changed in many years.

In addition, most recommendations you see apply to the present day (or the past). How long do you need for the information to remain secure? How safe are accounts and data from 25 years ago that were secured with an eight character password? Are there copies somewhere?

Think about those concerns when you read recommendations about security best practices. When were they written? Do they need an adjustment to be consistent with today's security best practices?

... and also keep those questions in mind as you configure your password manager.

(Edit: Fixed typo.)
 