How I manage all of my passwords on Linux with FOSS

Over the past years I’ve been using LastPass to manage my passwords. This is a proprietary freemium app that basically stores all of your passwords behind a master password. As long as you remember the master password you can unlock all of the stored passwords. The app has a browser extension that makes this super easy to use: it autofills websites, so the only thing you have to do is click an icon and LastPass will insert the login credentials and log you in right away. Super easy. If you ever register on a new website, LastPass detects it and asks you if you want to save the new credentials. It even has a password generator for generating secure passwords. Since using it my passwords look something like: 3V$%ervwEWFCGw4_?=ky – I don’t have to remember them, LastPass will. And with such super secure passwords, you can be sure that they are virtually impossible to hack.

Keep in mind that since using LastPass I “collected” thousands of login credentials stored there. So I know one single master password, and for hundreds of websites I have no clue of any passwords.

But LastPass is proprietary software, so you never know exactly what they do with your data or whether they are capable of keeping it secure. Plus, its free version lacks some of the premium features. On top of that, LastPass, like most “free” services out there, collects your data for various reasons (source).

But then I decided to go full open source with this. And I found KeePass. This is probably the most well known and robust open source password manager out there. But its user interface sucks big time. It looks like it was designed 20 years ago.

Not a screenshot of my computer.

However, since it is an open source project, it has mutated into various forms. I then found a nice mutation called KeePassXC – nicer looking and better adapted for Linux.

Not a screenshot of my computer.

Installed it. Then went to my LastPass account (website) – More Options – Advanced – Export. I exported my passwords – they show up as plain text. Copy that text into a text editor and save it as a CSV file (.csv), and make sure you set the encoding to UNICODE (UTF-16) before saving. Now I had all my passwords as a CSV file. Go to KeePassXC, import the CSV and choose a master password – it can be the same as the LastPass one. Now the important part comes: make sure you map the columns correctly so the Username field is filled with the LastPass usernames, the Password field with the LastPass passwords, and so forth. You’ll see it is super easy, just a few things to select. That’s it. Now I had imported my passwords into KeePassXC. And now delete the fuckin’ CSV file :D. No need to keep such a file with all of your passwords on your computer or anywhere else.
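A pre-import check for the column mapping and the clean-up step described above, as an added example that is not part of the original post. The header names in `EXPECTED` are an assumption about the LastPass export layout, and the sample rows are constructed.

```python
import csv
import os
import tempfile

# Assumed LastPass export header; compare it with the first line of your own export.
EXPECTED = ["url", "username", "password", "extra", "name", "grouping", "fav"]

def audit_export(path, encoding="utf-16"):
    """Check the column layout of the export without ever printing a secret."""
    report = {"entries": 0, "bad_rows": [], "empty_password": []}
    with open(path, newline="", encoding=encoding) as fh:
        reader = csv.reader(fh)
        header = next(reader)
        if header != EXPECTED:
            raise ValueError(f"unexpected columns: {header}")
        pw = header.index("password")
        for row in reader:
            if len(row) != len(header):      # shifted columns would import wrongly
                report["bad_rows"].append(reader.line_num)
            else:
                report["entries"] += 1
                if not row[pw]:
                    report["empty_password"].append(reader.line_num)
    return report

def wipe(path):
    """Overwrite, flush and unlink. Best effort only: SSDs, journaling or
    copy-on-write filesystems and editor temp files can keep older copies."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        fh.write(b"\0" * size)
        fh.flush()
        os.fsync(fh.fileno())
    os.remove(path)

def demo():
    rows = [EXPECTED,                         # constructed sample data, not real accounts
            ["https://a.example", "alice", "constructed-pw-1", "", "A", "Web", "0"],
            ["https://b.example", "bob", "", "", "B", "Web", "0"],
            ["https://c.example", "constructed-pw-3", "", "C", "Web", "0"]]
    fd, path = tempfile.mkstemp(suffix=".csv")   # created with mode 0600
    os.close(fd)
    with open(path, "w", newline="", encoding="utf-16") as fh:
        csv.writer(fh).writerows(rows)
    report = audit_export(path)
    wipe(path)
    return report, os.path.exists(path)

if __name__ == "__main__":
    print(demo())
```

Saving the export on a RAM-backed path such as `/dev/shm` in the first place keeps the plaintext off the disk entirely, which is more dependable than overwriting it afterwards.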

But I wasn’t happy; I needed a better KeePass mutant and integration with Chromium. KeeWeb! – great interface, and super easy to use. In terms of interface, you have multiple themes: dark, light, etc.

Not a screenshot of my computer.

Download, install. I went back to KeePassXC (the semi-ugly one) and saved the database as a .kdbx file. Then I went to KeeWeb and imported it. Migration done! My LastPass database is imported into KeeWeb. I basically used KeePassXC only to convert the LastPass CSV file into a proper KeePass database (file).

Now I could play around with KeeWeb settings like “Clear clipboard after copy”, or when to lock the app, etc. But I also wanted to integrate it with Chromium because that’s the point. To do that, go to its settings, then plugins, and find the “keewebhttp” plugin. Install it.

Next I installed a browser extension called chromeIPass. It’s open source too. That’s it. Click the extension and it will ask you to connect to KeeWeb. Connect it and you’re done.

Now I have my LastPass database converted to KeePass format, managed via KeeWeb (the pretty mutant), and connected to my Chromium via chromeIPass.

As long as KeeWeb is open on your system and you are logged into it, the browser extension functions exactly like LastPass. It will detect websites and login forms automatically and fill in the logins for you. Super neat! You can set up KeeWeb to never close.

But now the awesomeness comes 😀 – ready?

You might think: why all of this fuss? Why move from LastPass to this only because it is open source? Well, because it is fucking neat and I’ll tell you why. The only thing KeePass (the original one) needs is this .kdbx database. That’s a file containing all of your passwords and login credentials. This file is encrypted with your master password and you can move it anywhere you want. Leave it on your computer so that you know all of your passwords belong to you and are hosted only by you and not by a 3rd party company. No one can open this file but you (with the master password). And you can do cool stuff with it – this database works with any KeePass fork (mutant). Don’t like KeeWeb? No problem, move to the original and more feature-rich KeePass. The Chromium extension I installed will work with any KeePass mutant too.

And here’s what I did with my .kdbx database (my passwords): I saved it on my computer as a simple file. KeeWeb has a backup option, and I opted for making backups on my computer every time I modify the database (add a new password, change something, etc.). So, I have my .kdbx file + backups of it in a folder on my computer. They are encrypted already. But I also make daily encrypted backups of my Ubuntu system files on an external hard drive, so the .kdbx file and its backups are also backed up daily on my external hard drive alongside all of my other operating system files. Not enough! :D. I also sync this folder, with my raw .kdbx file and its backups, to my Dropbox and Mega.

Ok, let’s recap. I have a folder on my computer where the .kdbx file and its backups are – this folder is synced to Dropbox and Mega + it is backed up on my external hard drive.
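With copies in this many places, it is worth checking that each one is still a readable database and matches the working file. The following is an added example, not part of the original post: it checks the KDBX file signature and compares SHA-256 hashes. The location labels and the file contents are constructed for the demo.

```python
import hashlib
import os
import struct
import tempfile

# KDBX files open with two little-endian uint32 signatures, then the format
# version as two uint16 values (minor, major).
SIG1, SIG2 = 0x9AA2D903, 0xB54BFB67

def inspect_copy(path):
    """Return header validity, format version and SHA-256 of one copy."""
    with open(path, "rb") as fh:
        data = fh.read()
    if len(data) < 12 or struct.unpack("<II", data[:8]) != (SIG1, SIG2):
        return {"valid": False}
    minor, major = struct.unpack("<HH", data[8:12])
    return {"valid": True, "version": (major, minor),
            "sha256": hashlib.sha256(data).hexdigest()}

def compare_copies(reference, copies):
    """Classify each copy against the working database."""
    ref = inspect_copy(reference)
    if not ref["valid"]:
        raise ValueError("reference file is not a KDBX database")
    status = {}
    for label, path in copies.items():
        if not os.path.isfile(path):
            status[label] = "missing"
            continue
        info = inspect_copy(path)
        if not info["valid"]:
            status[label] = "corrupt"
        elif info["sha256"] == ref["sha256"]:
            status[label] = "in sync"
        else:
            status[label] = "differs"      # stale backup or sync conflict
    return status

def demo():
    header = struct.pack("<IIHH", SIG1, SIG2, 0, 4)   # constructed KDBX 4.0 header
    files = {"local": header + b"new", "dropbox": header + b"new",
             "external": header + b"old", "mega": b"\0" * 64}
    tmp = tempfile.mkdtemp()
    paths = {k: os.path.join(tmp, k + ".kdbx") for k in files}
    for k, blob in files.items():
        with open(paths[k], "wb") as fh:
            fh.write(blob)
    paths["phone"] = os.path.join(tmp, "phone.kdbx")  # never written
    return compare_copies(paths.pop("local"), paths)
```

A copy reported as "differs" is expected for a backup taken before the latest change; for a location that should be live-synced it points to a stale upload or a conflicted copy.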

Why all of this? For one, for security reasons (that’s the external hard drive backup that I make and the Mega sync), and second is because once the .kdbx file is on Dropbox then I can use it on my mobile – you can use Google Drive or WebDAV for this too, but Dropbox was the easiest solution for me. Here’s how:

Let’s now sync the password manager KeeWeb with my phone. Install the open source Keepass2Android on your phone. Then click “open file” and select Dropbox. Now select the .kdbx file that you synced to your Dropbox. Put in the master password and log in. Done! Now your app on your desktop (KeeWeb) and your app on your phone (Keepass2Android) are using the exact same database of passwords, and this database is synced and backed up in multiple locations. Change something in your desktop app (like adding a new login, or changing a password) and the change will show up on your phone because it is sent to Dropbox. And the other way around. Super fucking neat! And of course you can unlock Keepass2Android with your fingerprint, so no need to ever write down the database password. Also, you can tweak its settings to suit your needs.

Let me stress this: now all of my passwords are locked inside a file with a master password that only I know. The password is strong enough. This file can be unlocked and managed with many apps that are free and open source, so they don’t collect your data or do anything fishy. This file is also backed up like nuts in multiple locations, and synced so that I can use it from any device I want.

I have full 100% control over my passwords/accounts. And even though I had to put the file on Dropbox to be able to sync it to the phone easily, the file is already encrypted so there is no way Dropbox or anyone else can read what’s inside.

You may think the process of using KeeWeb, or of moving from LastPass to it, is a bit complicated. But it’s not at all, considering the benefit of having full control over your passwords and account credentials. As soon as you create the .kdbx file (the database) you can use it any way you want with several apps, online or offline, on any device. 😉

Tell me that’s not fucking neat! 🙂

This is how LastPass converted into FOSS for me.

In short, you need KeeWeb and Keepass2Android.
