How to newly install and migrate KeePassXC

I have been using KeePass for many years and have decided to move to KeePassXC.

https://keepassxc.org/

Both KeePass and KeePassXC are open source password management tools, but there are some important differences. The main differences are listed below

  1. Development and supported platforms:.
    • KeePass is developed primarily for Windows, but can also run on Linux and macOS using Mono or Xamarin. There are also third-party ports and apps available for use on a variety of platforms through these.
    • KeePassXC is a project that branched out to provide cross-platform support for KeePass and runs natively on Linux, Windows, and macOS. Therefore, KeePassXC is specialized for cross-platform support and provides a unified user experience in each OS.
  2. User Interface:.
    • The KeePass user interface is relatively simple and maintains the classic Windows style. This may make it seem somewhat old-fashioned to some users.
    • KeePassXC features a modern user interface that offers a more sophisticated look and feel. This improvement makes it easier to use, especially for new users.
  3. Features and enhancements:.
    • KeePass is known for its ability to extend functionality through plug-ins. Users can customize functionality by adding various plug-ins.
    • KeePassXC offers more functionality as standard, but is not as extensible through plug-ins as KeePass. However, KeePassXC has many useful features built in, such as browser integration, SSH agent support, and TOTP (time-based temporary password) generation.
  4. Security Features:.
    • Both applications use advanced encryption technology to protect passwords, but KeePassXC focuses more on security features, such as the ability to use hardware tokens to access the password database.
  5. Development Community:.
    • KeePass is a long-standing project with an extensive user base and developer community.
    • KeePassXC is a relatively new project and is particularly popular with users who value cross-platform use and modern UI design.

The choice depends primarily on individual needs and preferences and the platform used; KeePass is suitable for users who value a high degree of customization through plug-ins, while KeePassXC is suitable for users who want cross-platform support and a user-friendly interface. KeePassXC is suitable for users who want cross-platform compatibility and a user-friendly interface.

Installation is completed by simply downloading and running the file from the official website. I wanted to use screenshots and videos in the article, but only KeePassXC is not shown. The reason may be due to the security features built into KeePassXC; KeePassXC takes security very seriously and may have features to protect sensitive information such as passwords, preventing information from being leaked through screenshots.

Therefore, we decided to start a Windows virtual machine in VMware or VirtualBox. Within this virtual machine, we decided to screenshot and record the process of installing and configuring KeePassXC. There may be other ways to do this, but in this case we used this method to avoid the limitations of the host system.

First, we exported the login information from KeePass. The format is KeePass KDB (1.x). This format is a valid format for importing in KeePassXC.

Then import this file in KeePassXC. Enter the password as it was when you created it in KeePass. You will create the database after the list of login information to be imported is displayed.

Using KeePassXC’s Import Wizard, you can import data exported from your existing password management solution into the KeePassXC database. During this process, several settings and options can be specified, including encryption settings and database credentials settings. This section describes these settings in detail.

Encryption Settings

KeePassXC uses advanced encryption technology to protect the contents of the database. As part of the import process, you can configure the following encryption-related settings

  • Encryption Algorithm: KeePassXC allows you to choose from several encryption algorithms, including AES (Advanced Encryption Standard) and ChaCha20. These are used to securely encrypt database contents.
  • Key Generation Function: A function used to convert passwords into database encryption keys; Argon2 is one of the currently recommended key generation functions and provides a high degree of security.

Database Credentials

Credentials are required to access the KeePassXC database. These are used to unencrypt the database and access its contents. Credentials settings include

  • Master Password: This is the primary password used to access the database that the user must remember. It is recommended that a strong and unique password be used.
  • Key file: An option used in combination with the master password, a physical file (e.g., a file on a USB drive) is used as an additional authentication method. Without the key file, the database cannot be accessed. To enable this, click the “Add Protection” button on the Database Credentials screen.
  • YubiKey Authentication: Another option to protect access to the database using a hardware security key such as YubiKey. This allows for two-factor authentication (2FA).

By properly configuring these settings, you can enhance the security of your KeePassXC database and protect your sensitive information. Encryption settings and credential selection are important factors in determining the level of security for your database. Through the import wizard, you can fine-tune these settings and apply the security measures that best suit your needs.

After the import is complete, you should be able to auto-populate the login site.

KeePassXC-Browser is a very useful browser extension for KeePassXC that allows you to link your web browser with KeePassXC. Using this extension, you can automate the login process within your browser, increasing convenience while maintaining security.

Key features of KeePassXC-Browser

  • Automatic login: When accessing a registered website, KeePassXC-Browser automatically fills in the stored user name and password, automating the login process.
  • Automatic password generation and storage: When creating a new account, KeePassXC-Browser generates a strong password and automatically stores it in the KeePassXC database.
  • Update existing login information: If you change your password, KeePassXC-Browser can detect the changed information and update the existing entries in the KeePassXC database.
  • Cross-platform support: KeePassXC-Browser is available for all major web browsers, including Chrome, Firefox, and Edge.

Installation and configuration of KeePassXC-Browser

  1. Install Browser Extension: Search for and install KeePassXC-Browser from the extension store of your supported browser.
  2. Update KeePassXC settings: open KeePassXC and go to Tools > Settings > Browser Integration to enable browser integration. If necessary, you can enable only specific browsers.
  3. Pairing Browser with KeePassXC: Click on the KeePassXC-Browser extension icon and follow the instructions to pair the KeePassXC database with the browser extension.

Once you have completed this setup, the KeePassXC-Browser extension will work with KeePassXC to greatly simplify password management in your web browser. This allows you to work more efficiently online without compromising security.

When pairing the KeePassXC-Browser extension with KeePassXC, a “unique ID for connection” is required for security reasons. This ID uniquely identifies the communication between the browser extension and the KeePassXC database and prevents unauthorized intervention by other processes or applications. While there is no functional problem if you give it an appropriate name, for ease of management and identification, it is a good idea to choose a name that makes it easy to understand what the ID is for.

For example, including the name of the browser being used or a word that indicates its purpose will make it easier to identify which ID corresponds to which connection when managing multiple browsers and devices in the future (e.g., “MyPC-Firefox” or “Laptop-Chrome”).

This unique ID is only used to establish a secure pairing between the browser extension and KeePassXC and is not used for any other purpose. Therefore, you do not need to worry about security or privacy.

Since we are here, let’s go to the login screen and enable automatic login.

To set up automatic login in KeePassXC, you need to enter your site address (URL), user ID (username), and password correctly in the KeePassXC entry. Here are the specific steps

  1. Open KeePassXC: Open KeePassXC and create a new entry or edit an existing one.
  2. Enter entry information: Fill in the “Title”, “Username”, and “Password” fields for your entry. These are the information required for login.
  3. Add Website URL: In the “URL” field, enter the exact address of the website where you want to be automatically logged in. This will allow the KeePassXC-Browser extension to identify the correct entry and auto-fill it.
  4. Save Entry: Once all information has been entered, save the entry.
  5. Automatic login with browser extension: If KeePassXC is running and the KeePassXC-Browser extension is enabled, the login process will be automated by automatically filling in the username and password when accessing the configured website.

Points to note

  • Use of accurate URLs: It is important to enter the exact URL of the login page in the “URL” field to ensure the success of the automatic login. Use the correct URL, as many websites may have a different URL for the login page than the main page URL.
  • Maintaining Security: To keep your passwords secure, make sure that your KeePassXC master password is strong and unique. Also consider utilizing two-factor authentication (2FA) if possible.

If you follow these steps, you can set up automatic login to your website using KeePassXC. This will simplify password management and make the login process more convenient while maintaining security.

Closing and restarting your browser may be a good way to ensure that any changes or updates to your settings are properly reflected; this is a good way to verify that the integration between KeePassXC and the KeePassXC-Browser extension is working properly.

When I accessed the site, the browser displayed an access request, and when I allowed it, the information was automatically filled in. This is evidence that the configuration is working correctly. This access request is an important step in ensuring security and asks for the user’s permission before the browser extension can use the information stored by KeePassXC.

Please share if you like it!
TOC