- Download KeePassX from http://www.keepassx.org/
- It is a zip file; just unzip it into a directory and it is ready to use.
- Start KeePassX.
- Using KeePassX one can create a new database. The database is a file on the local file system in which everything is stored encrypted. Every database has a master password, which is used to encrypt everything.
- Provide a master password.
- Save the database to a file.
- KeePassX currently uses the KeePass 1.x (Classic) password database format as its native format.
Syncing this file on various devices
- Since the database is just an encrypted file, any cloud-based sync service can be used. I have used Dropbox for the same.
- Via Dropbox the file will be available on all other machines, tablets and mobile phones.
- On all other machines, the same KeePassX can be used to open the file.
- On iOS, MiniKeePass can be used to open the file.
Why is it safe to keep this file in public Dropbox
- To generate the final 256-bit key that is used for the block cipher, KeePass first hashes the user’s password using SHA-256, then encrypts the result N times using the Advanced Encryption Standard (AES) algorithm (called key transformation rounds from now on), and then hashes it again using SHA-256. For AES, a random 256-bit key is used, which is stored in the database file.
- As the AES transformations aren’t pre-computable (the key is random), an attacker has to perform all the encryptions too; otherwise he cannot check whether the current key is correct.
- Nothing prevents an attacker from simply trying all possible keys and checking whether the database decrypts. What KeePass does is make that harder.
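
The key derivation described above, as an added Go example (not KeePass or KeePassX code). The sample seed, password and round counts are constructed, and encrypting the 32-byte digest as two independent 16-byte AES blocks is an assumption about how the AES step is applied.

```go
package main

import (
	"crypto/aes"
	"crypto/sha256"
	"fmt"
	"time"
)

// TransformKey follows the steps described above: SHA-256 the password,
// AES-encrypt the digest `rounds` times under the random 256-bit seed
// stored in the database file, then SHA-256 the result.
// Assumption: AES works on 16-byte blocks, so the 32-byte digest is
// handled as two blocks, each encrypted independently (ECB style).
func TransformKey(password string, seed [32]byte, rounds int) [32]byte {
	state := sha256.Sum256([]byte(password))
	block, err := aes.NewCipher(seed[:]) // a 32-byte key selects AES-256
	if err != nil {
		panic(err) // unreachable: the seed is always 32 bytes
	}
	for i := 0; i < rounds; i++ {
		block.Encrypt(state[:16], state[:16])
		block.Encrypt(state[16:], state[16:])
	}
	return sha256.Sum256(state[:])
}

// GuessCost reports how long a single password guess takes at a given
// round count. Every guess costs 2*rounds AES block encryptions.
func GuessCost(seed [32]byte, rounds int) time.Duration {
	start := time.Now()
	TransformKey("candidate-guess", seed, rounds)
	return time.Since(start)
}

func main() {
	// Constructed sample seed; a real database stores a random one.
	var seed [32]byte
	for i := range seed {
		seed[i] = byte(i)
	}
	fmt.Printf("derived key: %x\n", TransformKey("correct horse", seed, 6000))
	// Because the seed is random per database, none of this work can be
	// precomputed, and the per-guess time grows linearly with N.
	for _, n := range []int{6000, 600000} {
		fmt.Printf("N=%-7d one guess takes %v\n", n, GuessCost(seed, n))
	}
}
```

The transformation slows every guess by the same factor, so it only helps when the master password is itself hard to guess.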