Using a password manager // What everybody should know about using KeePassXC

Using a password manager is the best thing you can do for your personal security. I'm Aaron from securityguideme, and in this video I will show you what everybody should know about using KeePassXC, the password manager of my choice.

First of all, KeePassXC is my personal preference, but it doesn't mean it is better or worse than other password managers like LastPass or 1Password or Strongbox or KeePass, or Passbolt for teams, for example. There are cloud solutions and there are file-based solutions like KeePassXC, and both of them are OK to use. So I decided for KeePassXC because it is secure, it is clean, it's well usable, it's actively maintained, and it's free and open source, and I like it. So let's have a look at how to use KeePassXC.

At the first startup we are asked if we want to check for updates on startup, and yes, we want to do this. And here in that dialog it says "Create new database". A new database is basically nothing else than a new file that holds your passwords. So we want to create a new database, call it "passwords". Decryption time: we leave most things in default, continue, and here we need to set the master password. Make sure to use a secure and long master password, like at least 12 characters, because your password manager file will be encrypted using that password, so your file will only be as strong as the password that you use here. So here I clicked onto that eye here and now I enter my password. This is my number one password manager, so I have chosen a passphrase with some typos, lowercase characters, uppercase characters, special characters and numbers, and this is secure enough for my personal password manager. So we click on Done, and in the next step we save the database: go to the desktop and just save it to the desktop.

Here we go, we have an empty password manager. If we want to add the first entry, we click on that plus sign here and create our first entry. So let's say we want to create an entry for Facebook. So we enter the title, which is Facebook; my username is my email address, just a random one here, greg buff at, and here I have to enter my password. The first thing I do now is to log on at Facebook using my credentials that I know by heart, and I log in, hopefully successfully, and go to Settings, Security and Login, and here I change my password. So I enter my current password, and now I have to create a new password.

I go back to KeePass, and here I have a symbol, this is a dice, and this opens the password generation tool where random passwords are generated. I click onto the eye, and here you see a preview of a randomly created password with 20 characters: uppercase characters, lowercase characters, digits and special characters. You can exclude, for example, special characters here, or you can add them as you like. I make it invisible and regenerate the password, click onto that copy symbol, and here in the lower right corner you see that the clipboard is cleared in five seconds. And so this is important: if you copy a password from the password manager, the clipboard is automatically cleared after 10 seconds, so that other apps have less chance to use data from the clipboard and send it to the cloud, for example. So we copy that password, go back to Facebook, enter it. They say "strong password", that's what we expect, and we save the changes. Hopefully it worked, and we go back to the password manager, click Apply Password and still enter the URL, so that we know on what URL we use that password; it was, click OK, and KeePassXC automatically saves your password file now, so that the password does not get lost.

I log off to demonstrate how to log in again using the random password. Now you can go here and left-click onto the entry, copy the username, copy the password, and enter it here by just copying username and password. But there is another feature that is quite nice. I delete that entry here, I go here, right-click and say "Perform Auto-Type", and when we do this (there is also a shortcut with Control, Shift and V), the last active window is brought to the front and keystrokes are simulated, entering your username, a tab, a password and Enter, and you're automatically logged on. So let's try this: here is Auto-Type, and we are perfectly logged on. It is only important that you choose the right entry from your password manager, to not enter a wrong password and probably disclose a password for another application to an untrusted application.

But in my opinion there's a better solution, which is the KeePassXC browser extension. I have disabled the browser extension in that browser now, but I have installed it. I just activate it, and by activating I see here the new symbol for KeePassXC. It is grayed out, it is not green here, and here it says "message encryption failed, is KeePass running". I press Reload, and it says now "the key exchange was not successful". This is because the browser integration of KeePass is disabled by default. So your browser extension is a piece of software and your KeePassXC client is another piece of software, and they somehow need to communicate, and they use a communication, but that needs to be enabled in the client software. So we go to Settings, which is this little symbol here, and here we have the browser integration, and we enable this, and we enable Firefox and Tor, because I use Firefox here; you can also use Chrome, for example. Click OK and try to reconnect. Doesn't work; let's try to reload the page, and here I see the icon became green, and so they're actively connected.

So I log out now, and now you see that on the login form here is a green symbol of KeePass again, and when I click it nothing happens. So I reload the page once again just to make sure, and I still need to connect to my KeePass application, so I say this is my Firefox on my laptop, for example, Save and allow access, and still nothing happens. I refresh the page once again, and now a browser access request window appears, and it automatically detected that I'm on Facebook, because we entered the URL in our KeePass entry, and we allow our password manager to pass the password of this entry to the browser window. And we say Remember; then this window does not pop up every time. And now we can click onto that green button in the login form and the login details are pre-filled automatically. We just click Log In and we're logged on successfully.

And now when you get a phishing mail which leads you to, for example, your password manager will refuse to send the password to your client or to your browser because it's the wrong URL, and so it would not detect the right entry. And so you can double-check the URL, for example, if you're not able to log in by default using the browser extension. So I find that's quite a cool security feature.

If we now change the password once again, we go to the entry, go to our password generator, regenerate the password, change it again in Facebook, apply the password, OK, and the entry is updated. But now we have not really changed our Facebook password in the Facebook web application, but we can still find our password history in that entry. We go to the Facebook entry, go to History here, and using the history we see the old entry, and we can just restore it in case something unexpected happened. And here we go.

It is important to know that your passwords are now stored in an encrypted file which is on your computer, so you need to make sure that you have a backup. So regularly copy it onto a USB stick, or even better, copy it to a file share. For example, I have prepared OneDrive. OneDrive is installed on every Windows machine by default. I stored my passwords.kdbx file onto my desktop, and I will just copy it, go to the drive, paste it here, and the OneDrive application automatically syncs it up to the cloud. It is password protected by our super secure password, and so Microsoft, who runs OneDrive, will not be able to read my passwords, and that's absolutely secure enough.

A few passwords you will still have to remember. So you will not be able to store your Windows password in your password manager when you log on to Windows, so that's a password that you need to remember by heart. And I also recommend to know your email password, because using your email address you can recover most accounts on the internet. And I also recommend strongly to know your OneDrive password or Tresorit password or whatever sync tool you use, because if you lose your laptop or your laptop gets encrypted, you should be able to access your backup from another PC to get back your password manager file. You need to know at least four or five passwords. Of course you need to know your password for your password manager file as well, and best is to use a unique password for each application.

If you want to change your password in KeePassXC, nothing is easier than this: you can go to Database, Database Security, say Change Password and enter your super strong new password, click OK, it's saved in the background and your new password is applied automatically.

Now that you have a password manager, you can't just log in at every web application on random devices, because you need your password manager file, and this also applies to your mobile phone. If you don't have the file on your mobile phone, you cannot log in to multiple web services. So what I personally do is I log on to web applications that I want to access on my phone, click Remember Me, and so I'm not logged off on my phone and I have a persistent session there, and I have to do this very, very seldom. But you can also use a mobile application for a password manager. There is, for example, Keepass2Android for Android, and there is also Strongbox, which is also compatible with KeePassXC, for iOS or Apple devices.

Those are the most important things you need to know about using KeePassXC. In a future video I will show you additional features that most people probably haven't heard of. If you don't want to miss it, subscribe to my channel or to my newsletter; find the link below. And if you liked that video, I would be happy about a thumbs up. Have a nice day, and bye bye.

Channel: securityguideme
Views: 16,125
Id: uQUtBooXJ54
Length: 14min 29sec (869 seconds)
Published: Mon Nov 08 2021