What makes things worse is the fact that different sites maintain different password policies (e.g., in terms of password length, composition, duration), forcing you to set a wide variety of passwords with different life cycles. While technological advances (e.g., OAuth) try to address the explosion of site-specific credentials, they are not a perfect solution. Until a good alternative to passwords becomes mainstream, passwords will not die any time soon.
This is where password manager software such as KeePass comes in handy. KeePass is an open-source (GNU GPLv2+), OSI-certified, lightweight password manager. It allows you to manage your passwords in a secure database, which is locked with a master key and/or a key file. The Linux port of KeePass is available as KeePassX. Its features include:
- User-friendly password management with grouping and search.
- Support for password expiration dates.
- Database encryption with AES (256 bit) or Twofish (256 bit).
- Customizable generation of secure passwords.
- Autofill (experimental).
In this tutorial, I will describe how to manage multiple passwords on Linux with KeePassX.
Install KeePassX on Linux
To install KeePassX on Debian, Ubuntu or Linux Mint:
To install KeePassX on Fedora:
To install KeePassX on CentOS or RHEL, first enable EPEL repository, and run:
Manage Passwords with KeePassX
To launch KeePassX, simply run this command:
The first time you use KeePassX, you need to create a new password database. To do so, click on the "New Database" icon on the top left panel. You will be asked to supply a master key which will unlock access to your password database. As the master key, you can use a simple password, a key file, or both.
Once you have created a database, you can add password entries to it. Click on the "Add New Entry" icon.
Fill in your credential details, including the password, as follows. Don't forget to save the changes to the database.
To access your password in a particular entry later, right-click the entry, and select the "copy password to clipboard" option. Your password will then be copied to the clipboard, from which you can paste it into any password field. Note that for security reasons, the plain-text password copied to the clipboard will automatically be removed after 20 seconds.
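If you choose the key file option, the file should be random, readable only by you, and never overwritten once a database depends on it. The following is an added example, not part of the original tutorial or of KeePassX itself; the function name make_keyfile and the path in the usage comment are hypothetical, and it assumes KeePassX accepts a file of 32 random bytes as a key file.

```shell
#!/bin/sh
# Added example: create a random key file to use as (part of) a KeePassX master key.
# make_keyfile and the example path are hypothetical names, not part of KeePassX.
# Usage: sh make_keyfile.sh "$HOME/keepassx.key"

make_keyfile() {
    keyfile=$1
    # Never overwrite: replacing the key file of an existing database
    # makes that database impossible to unlock.
    if [ -e "$keyfile" ]; then
        echo "refusing to overwrite existing $keyfile" >&2
        return 1
    fi
    # Write inside a subshell with a restrictive umask so the file is never
    # readable by other users, and with noclobber (set -C) so the redirect
    # fails if the file appeared after the check above.
    (
        umask 077
        set -C
        head -c 32 /dev/urandom > "$keyfile"
    ) || return 1
    # Sanity check: exactly 32 bytes (256 bits) of key material.
    size=$(wc -c < "$keyfile" | tr -d ' ')
    if [ "$size" -ne 32 ]; then
        echo "short read from /dev/urandom" >&2
        rm -f "$keyfile"
        return 1
    fi
    # Read-only for the owner: guards against accidental edits.
    chmod 400 "$keyfile"
}

# Run only when a path is given on the command line.
if [ $# -gt 0 ]; then
    make_keyfile "$1"
fi
```

Keep a backup of the key file somewhere other than next to the database; without the file, a database locked with it cannot be opened.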
KeePassX maintains individual password databases in an encrypted fashion. To change the encryption algorithm used in the current database, go to "File" --> "Database Settings".
To update the KeePassX configuration, go to "Extras" --> "Settings". Here you can change various security-related settings as shown below.