FH#4 – Password Manager

In today’s Friday Hack, we take a look at passwords. Where are you currently storing your passwords? In a Google Drive File? In a Word Document? In a piece of paper? Well, it turns out that the best way to secure your password is to implement a Password Manager.

Why use a Password Manager?
In theory, you should have different passwords for different services. This means that your Facebook password should be different from your gmail password. Your twitter password should be different from your Instagram password. Additionally, it is highly recommended that you use a combination of lower case letter + upper case letters + number + a special character. And, that you do not use common words, but rather a hash-like password such as 2986b7f0cd0ba9827ace0810c8818825. The longer and more complicated your password is, the more secure and harder to crack it becomes.

So, here is where Password Managers come in handy. They allow you to create your own database of passwords. Note that there are cloud-based services that can manage your passwords online, but if such company ever gets hacked, so get your passwords. Personally, I don’t like the kind of application that autofill forms for you, that are integrated to your device or browser.

In this session, I started using one that is basically just a DB of passwords, where you manually organize your passwords, and that is completely disconnected from everything. There exists a common file format for the DB, and it’s supported by many different Password Managers, the .kdb extension.

I started using KeePassX (https://www.keepassx.org/) for Linux. Here is a how it works after downloading the application:

Create a master password.
passdb_2

Create or Select a Database. In this case, I have a dummy Database named “passdb1”
passdb

Manually Create a tree-structure to organize your passwords. You can add, edit, or remove a key.
passdb_3

Add your username and password, and other relevant information.
passdb_4

Save it. And that’s it! Now, every time you look for a password, open the KeePassX application, supply the master password, then look for the password you need.

In the future, I will look into backing up this database of passwords. I will come back with a post on how to do it.

Leave a Reply

Your email address will not be published. Required fields are marked *