‘How To Create & Use 256 Bit Strong Passwords With Free Open Source KeePass’ by Anya Adora
Easy url: https://tinyurl.com/4NY4CRYPTO
Original Post (March 2017)
Recently on Twitter I began responding randomly to those having public conversations about using LastPass, given recent events and security being compromised. While I continue to occasionally post info re: this as a response, and many have found it useful, I feel this would also be a good topic for a short piece here, which I can easily point people to instead of Tweets.
I began using KeePass a decade ago. Although many know of it, it still doesn’t seem to be common knowledge for beginners, and I’m unsure if those who’ve tried it casually have figured out how exactly to unlock its potential, which really is amazing. There are also MANY plugins, which I don’t often use, but feel free to explore those as well. For the purpose of this post, I’ll be focusing on the fact that KeePass is open source, free, cross-platform and ported for mobile. There’s zero excuse for having weak passwords and there’s zero need to ever pay for a service like LastPass again once you learn this.
I personally use KeePass on Android, Linux and Windows. It is also ported for iOS as well as OSX and others. Unlike LastPass and other password managers that are paid and store your data in the cloud, KeePass uses a local database that you can copy and place on your devices, then open with one password and use the autofill features within it to log on to sites.
I use 256-bit generated passwords. Once they are saved, I use the Right Click, Open Link and AutoFill features KeePass has. On Linux there are additional packages to download for autofill; you will most likely be prompted to install those when you first attempt to use that feature. Otherwise it’s simple, straightforward and works flawlessly on both Android and Windows for me. Many others also use it and praise an offline database and free software over paid software, bad security and a cloud copy of your database file.
Think about it. Do you really want ANY ASPECT OF YOUR COMPLETE PASSWORD DATABASE on someone else’s server? How is that SECURE when you could COMPLETELY REMOVE THAT ISSUE & DO IT FREELY?
Why are YOU PAYING to do that? For SECURITY?
Please consider what I’ve said here. Take the time, put in the effort and learn how to use 256-bit passwords, which literally take 3 seconds to use with the auto-fill feature. There’s no excuse for your accounts, personal data and online safety to not be protected after reading this where passwords are concerned.
UPDATE: A conversation on Twitter re: another password manager led me to share info re: How To Manage Passwords In Response To Gag Orders, Legal Affairs & General Extreme InfoSec. I personally use this method not because I’ve anything to hide; I just prefer additional layers of security.
HOW TO: ‘VeraCrypt For Gag Orders’: You can create an encrypted database of all the passwords you use, then store that encrypted password database file in a VeraCrypt volume using Hidden Volume / Plausible Deniability mode. You now have all your passwords offline, not on someone’s server, encrypted twice and hidden in a manner in which you can deny they even exist.
UPDATE x2: If you’d like to have a very secure backup of your KeePass database file, are using the VeraCrypt method I’ve mentioned here and would like to learn how to take it a step further... ;-)
HOW TO: ‘Steganography For Online Backup’: Using steganography with a FREE open source tool like SilentEye, you can take a small VeraCrypt volume (make it as small as possible, 10MB or so) WITH a Hidden Volume inside of it. Then embed that VeraCrypt volume inside of a .WAV audio file and upload that audio file to ANY WEBSITE THAT WILL NOT RECONVERT IT.
You may have to download and test the .WAV in order to find out if the site strips the data hidden inside your file by re-encoding it. If it does not, you could post a simple voice recording, if you don’t own music / audio to post, to embed your now 3x encrypted and now obfuscated file using steganography. *Make an audio file that appears big enough to have a 10MB file in it without making it look like something is wrong, i.e. a long audio track in .wav format is better ;-)
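One way to run the download-and-compare test described above, as an added example that is not part of the original post. The function names, verdict labels and sample WAV bytes are constructed for illustration, and the "metadata-only" verdict assumes the hidden data sits in the audio samples rather than elsewhere in the file.

```python
import hashlib
import struct

def riff_chunks(blob):
    """Map chunk id -> payload for a RIFF/WAVE file held in memory."""
    if len(blob) < 12 or blob[:4] != b"RIFF" or blob[8:12] != b"WAVE":
        raise ValueError("not a RIFF/WAVE file")
    chunks, pos = {}, 12
    while pos + 8 <= len(blob):
        cid, size = struct.unpack_from("<4sI", blob, pos)
        chunks[cid] = blob[pos + 8:pos + 8 + size]
        pos += 8 + size + (size & 1)  # chunks are padded to an even length
    return chunks

def roundtrip_verdict(original, downloaded):
    """Classify what a hosting site did to an uploaded WAV file."""
    if hashlib.sha256(original).digest() == hashlib.sha256(downloaded).digest():
        return "identical"          # byte-for-byte copy: safe
    try:
        a, b = riff_chunks(original), riff_chunks(downloaded)
    except ValueError:
        return "re-encoded"         # no longer a WAV container at all
    same_fmt = a.get(b"fmt ") == b.get(b"fmt ")
    same_pcm = b"data" in a and a.get(b"data") == b.get(b"data")
    # Assumption: the hidden payload lives in the audio samples, so only
    # the fmt and data chunks matter; tags or other chunks may differ.
    return "metadata-only" if same_fmt and same_pcm else "re-encoded"

def make_wav(pcm, extra=b""):
    """Build a constructed 8-bit mono 8 kHz WAV (sample input only)."""
    fmt = struct.pack("<HHIIHH", 1, 1, 8000, 8000, 1, 8)
    body = (b"WAVE" + b"fmt " + struct.pack("<I", len(fmt)) + fmt + extra
            + b"data" + struct.pack("<I", len(pcm)) + pcm)
    return b"RIFF" + struct.pack("<I", len(body)) + body

if __name__ == "__main__":
    pcm = bytes(range(256)) * 4
    uploaded = make_wav(pcm)
    tag = b"LIST" + struct.pack("<I", 4) + b"INFO"
    cases = {
        "untouched": uploaded,
        "tags added": make_wav(pcm, extra=tag),
        "resampled": make_wav(pcm[::2]),
    }
    for name, blob in cases.items():
        print(name, "->", roundtrip_verdict(uploaded, blob))
```

Only "identical" guarantees the backup survived; after a "metadata-only" result, still extract the volume from the downloaded copy and mount it before relying on that site.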