  • Tony B.

KeePass (Local Storage)

Updated: Mar 9

Updated: 1/14/24


Reference: Password Page



 

This is my first Blog Post on my "tech site", in several years!! I wanted to recommend the use of this great digital encrypted "wallet" & Password Manager/Database. If you're looking to keep your data "safe & secure", then look no further than KeePass/KeePassXC.


There are many Online Encrypted Password Managers. And although most are reputable and safe to use, I only recommend using a LOCAL Encrypted Password Manager called KeePass.


KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can store all your passwords in one database, which is locked with a master key. So you only have to remember one single master key to unlock the whole database.


 

Why KeePass?


In today's digital Online-world, we keep most of our data (especially personal) somewhere online. (ex: Email, Banks, School, Taxes, Work, etc). You are basically required to remember way too many passwords for ALL of your Online Accounts.


And what do most of us do, to make it easier for us to remember all of these passwords? We use and "RE-USE" the same passwords for all of our online accounts. This is a VERY bad idea! Why?


You should ALWAYS use a different password for each account, because if a hacker gains access to only ONE of your accounts with your password, the thief would have access to ALL of your accounts. So this defeats the very purpose of even using a password to "secure" your accounts. See my Passwords Page.


With KeePass you would SIMPLY create ONE "Master Password" and you'll never have to remember any other password the rest of your life, as long as you have your KeePass Database with you.


The reason I use it and highly recommend it, is because it's a "local" Secure Digitally Encrypted Password Manager, which is NOT stored "online". So you can keep your KeePass Database on your local or backup hard drive, completely SAFE from prying eyes on the internet.


Pros:


  • Database is NOT online, where hackers LIVE and scour the Internet for vulnerabilities (NOT easily accessible to hackers & bad actors, due to "Local" Storage Only).


  • Secured with the BEST Cryptography & Encryption today (ex: AES256, xChaCha20, etc.).

  • Very Quick, Fast and efficient, as compared to other Online Password Managers.

  • Great for "storing data" of any type and kind, with a large myriad of uses.

  • Uses both software & hardware security keys, to enhance privacy & security even further!

  • Easily transportable and uses data compression to keep your database small in size and quickly unloadable.


Using Security Keys: This is one of my favorite features of KeePass, if not my absolute favorite. Why?


KeePass offers the use of both a "software" & "hardware" key. What is the difference, you ask?


Well, let's start with a "software" key. It's a small digital mathematical key that you can use, to add even more security to your database. How does it work? Well, when you initially set up your encrypted KeePass Database, it will prompt you to create a "Master Password" and an optional digital key, which if you choose to do so, creates a small file on your local hard drive (you choose where to save it).


This file is used when "logging" into your database: after you type in your "master password", it will ask for your key. This essentially adds a "Double-Layer" of entry protection to your database. You cannot simply log into your DB without the security key that you initially created. (Similar to using MFA or 2FA). See my MFA-2FA Page.


Example: Imagine entering your home with your key, and it won't allow you entry, until you have both keys (simultaneously), to enter the house!


Advantage of using Security Keys:


If a hacker finds your KeePass Database and even "somehow" knows your actual password, they still CANNOT get into your database without that key, which ONLY you know where it is stored.
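
Why the password alone is not enough once a key file is set, shown as an added example (not code from KeePass or KeePassXC): a simplified sketch of how a KDBX database combines the master password and the key file into one composite key. The function names, sample password and sample key file bytes are constructed for illustration; XML key files and the key-derivation step (AES-KDF or Argon2) that KeePass applies afterwards are left out.

```python
import hashlib

def password_component(password: str) -> bytes:
    # The master password contributes the SHA-256 of its UTF-8 bytes.
    return hashlib.sha256(password.encode("utf-8")).digest()

def keyfile_component(data: bytes) -> bytes:
    # A key file contributes 32 bytes: used raw if the file is exactly
    # 32 bytes, hex-decoded if it is exactly 64 hex characters, otherwise
    # the SHA-256 of the whole file. (XML key files are not handled here.)
    if len(data) == 32:
        return data
    if len(data) == 64:
        try:
            decoded = bytes.fromhex(data.decode("ascii"))
            if len(decoded) == 32:
                return decoded
        except ValueError:
            pass  # not hex text: treat it as an arbitrary file
    return hashlib.sha256(data).digest()

def composite_key(password=None, keyfile_data=None) -> bytes:
    # Concatenate the components that are present, then hash once more.
    parts = b""
    if password is not None:
        parts += password_component(password)
    if keyfile_data is not None:
        parts += keyfile_component(keyfile_data)
    if not parts:
        raise ValueError("at least one key component is required")
    return hashlib.sha256(parts).digest()

# Constructed sample values, not real credentials.
PASSWORD = "correct horse battery staple"
KEYFILE = bytes(range(64)) * 2          # stands in for the key file's contents
OTHER_FILE = b"some other file found on the same disk"

def attempts() -> dict:
    # A real database does not store this key; a wrong key simply fails to
    # decrypt it. Equality with the owner's key stands in for that here.
    owner = composite_key(PASSWORD, KEYFILE)
    return {
        "password + key file": composite_key(PASSWORD, KEYFILE) == owner,
        "password only": composite_key(PASSWORD) == owner,
        "key file only": composite_key(keyfile_data=KEYFILE) == owner,
        "password + wrong key file": composite_key(PASSWORD, OTHER_FILE) == owner,
    }

if __name__ == "__main__":
    for attempt, ok in attempts().items():
        print(f"{attempt}: {'opens' if ok else 'does not open'}")
```
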


As far as a "Hardware Key" goes; this is even MORE secure than the "software key". Why?

Because it's an actual piece of hardware that you can actually put on your keychain or hold in your purse, backpack, pocket, etc. Basically stated, if a hacker finds a way to "access" your encrypted database, once again, they CANNOT get into your data and open that database, without the actual hardware key that you have "on your person"!


Note: Hardware Keys, like a "YubiKey" are the absolute BEST WAY to protect yourself online, against ANY kind of attack from anyone anywhere !! I personally use a YubiKey for all of my main important online accounts (ex: Email Logins, Bank Logins, Financial/Investment Accounts, etc.)


Search for "YubiKey" on Google and see all of its benefits. Highly recommended by Hackers! And who would know BEST, if not the "experts" in this field.


Cons:


The only real drawback is that you have to take your Laptop, Backup or USB Drive with you everywhere you go. But, this is a very small inconvenience and is totally worth it, in my eyes. If you listen to IT security specialists and/or Hackers, they strongly recommend this method of secure data storage, as preferable to keeping data online.


Single-Point of Failure: Some suggest that keeping ALL of your passwords in one place, creates a single-point of failure, and I agree with them (technically-speaking). However, it only requires two things to be truly secure and avoid this issue.


  1. Never lose your Master Password.

  2. Never lose your KeePass Database.


Like with anything in life, this completely relies on YOU and the importance you place on this Database and its security. Anyone can lose anything at any time. That's NOT an excuse to never use something and deny its value or validity. Everything depends on YOU !!


Simply put: Like with anything in life, "You get out of it, what you put into it".



Hacking Concerns:


Almost anything can be hacked online, and if someone gains access to your "Home Computer", then anything on your local drive can also be hacked. However, by default, it's better to have something on your "local" device (ex: Laptop, Desktop PC, SmartPhone), than out on some company's Remote File Server, somewhere in the world. See my page on "Securing your WiFi Router". VERY VERY IMPORTANT to secure your "Home Network", to prevent hackers from "gaining access" to your data on your computers in your actual house.


Now, that's NOT to say that you still cannot be "hacked". It just means that it will be so MUCH HARDER for someone, to actually get into your local computer and find the file and hack into it.


I personally keep my actual KeePassXC File on Local Backup Drives. So, even if a hacker finds a way into my local computer "remotely", they can never find my KeePass Database File or Security Keys, because I keep them on Local Backup Drives (separately), that are NOT connected to my Laptop, via a USB connection, so they cannot see or access my data, in any way!


On a side note: Even if my backup drive is connected to my laptop via USB, they still CANNOT get into my KeePass Database, because my "software key" is stored on a different drive. Never ever store your actual database with your security key "together". That's like giving an intruder the keys to your house and the combination to your safe, in that house.


NOTE: The harder you can make it for a bad actor to access your system, the better !!



 

ONE LAST VERY IMPORTANT THING:


People tend to think "cynically", as they ALWAYS state that, "no matter what" you're going to be "hacked", so WHY does it even matter?


Well, that's a naive & immature way to view it, in my opinion. Privacy Matters !!


This is NOT a question of "having something to hide", or doing something nefariously, it's about "VALUING and PROTECTING your privacy online" in today's Digital World, which we all have a Constitutional Right to have and expect !! See my Intro & Commentary Page.


For those cynical parties who CLAIM that they don't really care about Privacy & Security Online or in the real-world itself, then put them to a simple test:


  • Ask them to give you their PIN Code to their Bank Debit or Credit Card.

  • Ask them to hand-over their Android or iPhones for any length of time.

  • Ask them to give you their Social Security Number, for whatever reason.

  • Ask them to give you their passwords to ANY of their Online Accounts.

  • Ask them to give you their loved ones' home addresses and/or phone numbers.


If they can give you ANY of the above-mentioned information, then they TRULY don't give a fuck about their "privacy"! But, we all know, that's absolute BULLSHIT !!! Case closed.


 

What do I do Personally? I always keep my databases "current & updated", then upload them each, from my local backup drives, onto my Secure Cloud Storage Vaults for backup. (NordLocker and Proton Drive). See my Blog Entry for "Secure Cloud Storage".

On a Side Note: KeePass can be used for a variety of uses/reasons:

  • A Journal or Diary

  • A Database of any kind of Data (Personal, Financial, Work, etc.)

  • A Repository of Notes (Books, School, Personal, Work, Note-taking, etc.)


The uses are endless - And it's all completely Safe & Secure FOREVER !!


 

KeePass is completely FREE and it is open source and OSI certified.


Check them out at https://keepassxc.org/


Checkout the KeePass Security Features:


Checkout the KeePassXC Privacy Features:

