Managing passwords in Linux with KeePassX

No readers like this yet.
Is Occupy Wall St. really an "open source protest?"

Opensource.com

According to the U.S. Computer Emergency Readiness Team, "Passwords are a common form of authentication and are often the only barrier between a user and your personal information. There are several programs attackers can use to help guess or 'crack' passwords, but by choosing good passwords and keeping them confidential, you can make it more difficult for an unauthorized person to access your information."

Today there are dozens of usernames, IDs, and passwords to be managed by the average person. And if you are a system administrator, you might manage hundreds of accounts with hundreds of passwords. How do you remember them all, not to mention remember to change them periodically?

I started with a password-protected spreadsheet, then decided I needed to find a secure, yet human-friendly, piece of software that does it all for me. When I found KeePassX, my life changed. It's powerful, well supported, and very stable. Best of all, it's free software. I've been using the Linux and Windows versions for years, and there are mobile versions too. One of the reasons I chose and recommend KeePassX is because it uses the KeePass 2 (.kdbx) password database format as the native format. It can also import (and convert) the older KeePass 1 (.kdb) databases.

The original project is KeePass. KeePassX started as a Linux port of KeePass, which was at that time an open source but Windows-only password manager. Both are now cross platform: KeePassX uses Qt libraries and recent versions of KeePass use .NET / Mono.

Most users state that KeePass (non-X) integrates with Microsoft Windows best. It also has a nice synchronization feature and lots of plugins to add more capabilities. And KeePassX works better on Linux and Mac. While some Linux distributions do make the official KeePass easier to install, it also appears to run slower than KeePassX. Installing them both should not be a problem so long as you don't open the same database for them at the same time. I personally use KeePassX, and the examples displayed here are based on it.

KeePassX enables you to organize your passwords into categories. Once you're logged in, you have access to all of your email, website, and bank passwords.

KeePassX categories

Each entry stores the following information:

  • Title
  • Username
  • URL
  • Password
  • Comments
  • Date and time of password expiration (if configured)
  • Attachments

New KeePassX entry window

Password generator

KeePassX can also generate random, secure, and strong passwords. You can designate whether passwords need to be uppercase, lowercase, or both. You can also specify whether they need numbers, white spaces, or special characters and set a desired length. You can even customize your random password by selecting the characters you want to include.

KeePassX password generator

The database

All of the information is stored in a database on a single file with a .kdb extension. Of course, it can be encrypted and (this is strongly recommended) protected by a single master password or a key file. You can share your database and use it under all the supported platforms: Linux, Mac OS X, iOS, Android, and Windows Phone. And, you can create and use more than one database.

Autotype

This feature deserves a paragraph on its own, although it's not available for all the versions (only mono-based in v2.x for Windows and all versions for Linux). It enables you to enter both username and password in a webpage, by simply entering a predefined key combination (typically Ctrl+V) while positioning over an entry. In the versions not supported, the values can be copied from within the tool with Ctrl+B (username) and Ctrl+C (password). Or you can simply "drag-and-drop" from the KeePass window into the browser. Not bad!

Import/export

You can import and/or export all your information stored in the following formats: PwManager (.pwm) and KWallet (.xml) files- export as textfile (.txt)

Language support

KeePassX is supported in almost 20 languages, including English, French, Portuguese, Spanish, Russian, and Chinese.

Plugins and add-ons

The latest versions (2.x) support a long list of plugins and extensions, such as database backups, keecloud, web autotype, Truecrypt auto dismounter, and many more.

User profile image.
I'm a Sr Linux/Unix specialist for more than years, currently working @IBM, looking for a challenging role in Linux/Unix projects. My IT Skills include: Debian Linux, RedHat Linux, Ubuntu Linux, Solaris, AIX, Xampp, Apache, Puppet, mysql, Postgresql, PHP, Bash, Samba, Squid, Postfix, patching, security hardening.

8 Comments

"When I found KeePassX, my life changed."

Yep. That pretty much sums it up.

I started using KeePassX because it had a Maemo version, so it worked well with my Nokia N900. I've been using it since. I've started using MacPass on my work laptop, which is a native version that seems to work a little better.

The author mentions that it can be protected by a password OR a key file. Guess what- you can use both! In fact, anything can be used for a key file. If you secure it using both features, then not only would someone have to guess your password, they would have to guess the contents of the one file out of the millions of files on your computer that you use as a key file. Music, movies, source code, anything can be used as a key file.

I am using Enpass Password Manager. It's an offline cross platform password manager available for Linux, Mac, Windows, iOS, Android, Windows and BlackBerry 10. It gives you freedom to save every kind of information. Enpass keeps your database confidential as it saves all your information locally only on device, no where else not even on our server. App uses open source SQLCipher engine to provide AES 256-bit encryption.

Enpass is also totally free for Linux and other desktop platforms. Apart from the above mentioned, Enpass has some more features:

Native app for Linux with clean and smooth UI.
5 cloud account support to sync with including ownCloud/WebDAV.
Free Browser Extension support for Chrome, Firefox and Opera.
TOTP support for login accounts.
Import from 25 Other Popular Password Managers.

I use keepass2 on linux. Are there any benefits to switching to KeepassX?

Hi Amado. I did not test keepass2, so I can't answer your request directly. My advice is to install both in your box and test each one separately for a while, and decide which one fits your needs and you feel more comfortable with.

nice feature of KeePassX is that a .kdbx password database can be copied to another computer or smartphone where you can open it. beware to have only one 'mother' database, otherwise you might get confused with different records in each database.

also works on ownKeepass on the Jolla smartphone.

I don't think KeePass plugins are compatible with KeePassX.

Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-Share Alike 4.0 International License.