People have accounts with all kinds of online services. It’s a good security practice to use different credentials for every service. Unfortunately, that means you have to keep track of dozens, if not hundreds of passwords. Our human brains aren’t up to a task like that. Computers on the other hand have no problem remembering a lot of stuff. It makes sense to store your passwords on a computer but you also want them with you when you’re on the move. Cloud services like Lastpass are ideal for storing your passwords and for having them readily available wherever you are. But what if you don’t trust public cloud services? Well, I’ll show you a way to manage passwords with KeepassXC and Nextcloud.
KeepassXC is a community fork of KeePass, a free, open source password manager. It runs on pretty much any operating system: Linux, MacOS and Windows. There are also compatible clients for Android and iOS. The program allows you to store your credentials in an encrypted database file, which is secured by a password and possibly other means.
I’ve written about Nextcloud a few times on this blog. With Nextcloud, you can create your own private cloud, allowing you to store files, calendar, contacts and a whole lot more. You can run it on hardware you own, even in your own home. There are sync clients available for all computing platforms, allowing you to access your data anywhere.
How to manage passwords with KeepassXC and Nextcloud
Using a password manager like KeepassXC is good security practice because it allows you to easily generate and store strong passwords, which can be entered into your browser or app using the touch of a button. You won’t need to remember them and they’re stored securely in the database file.
Create your KeepassXC database
Once you have KeepassXC installed, you use a wizard to create your database file. Simply give the database a name and an optional description. You can leave the encryption settings at the defaults or use stronger encryption if you want increased security. Finally, KeepassXC asks for a Database Master Key. This is the password that protects all your other passwords so you will want to create a secure password or passphrase here. Be sure it is something you can remember though, because once lost, there’s no way to regain access to the database! For more in depth instructions of how the software works, I refer you to the documentation on the KeepassXC website.
Sync the database with Nextcloud
Syncing the database with your Nextcloud server is easy. Simply save your database file in the folder that you sync with the Nextcloud server and the Nextcloud desktop client will upload it for you in the background. Your database file is now available on all devices you have connected to your Nextcloud instance.
Getting Lastpass like functionality
Just like Lastpass, KeepassXC supports integration with modern browsers like Firefox, Google Chrome and Brave. For these browsers, there is an easy to use extension you can add to your browser which detects login fields in web pages and will allow you to autofill your credentials. You can also generate strong passwords from the extension. If your browser isn’t supported directly, you can still use KeepassXC but you’ll have to select your credentials in the application window and use the autofill feature from there.
When you manage passwords with KeepassXC and Nextcloud, you can have Lastpass like convenience and ease of use but without having to rely on public cloud services. As long as you manage the security of your Nextcloud server properly and use a strong password or passphrase to secure your database file, your passwords are at least as safe as with commercial services.
Any thoughts on this? I’d love to hear your password managing tips!