WHAT SHOULD YOU look for in your finely
balanced password manager? First,
it must be cross-platform—apps for
W i n d o w s , m a c O S , a n d L i n u x , p l u s b r o w s e r
add-ons, and mobile support on iOS and
Android. Second, you need full control
over where your passwords are stored—
whether your own hosted server or choice
of cloud storage provider. Third, we want
better transparency from our password
managers, which is where open source
comes in. And fourth—not mandatory,
but preferably—support for additional
forms of authentication to protect your
password vault, such as 2FA or key files.THREE OPTIONS HIT THE SPOT
We’ve settled on three potential solutions.
The first is KeePass, the open-source
desktop password manager. If you already
store all your passwords in a KeePass
database, it makes sense to continue using
this feature. Check out the box opposite for
the quickest way to get a multi-platform,
cloud or network-synched password
setup using KeePassXC.
If you plan to store your database
online for always-accessible synching,
we strongly recommend making use of
KeePassXC’s additional security options
to protect your file if the server it’s
stored on is compromised. You can pair
it with a physical YubiKey, or create a
special key file that’s required alongside
your password to open the file, so
even if your password is subsequently
discovered, the vault remains off limits.
To add a key file, choose “Database >
Change master key,” click “Add additional
protection,” then “Add Key File.” Click
“Generate” to create the file—we suggest
saving this in a different location from
your password file. One option would be
to store it on another cloud platform (forexample, Google Drive if your main file is
synched via OneDrive).BUILD ME UP, BUTTERCUP
Our second solution is Buttercup (https://
buttercup.pw). It checks all the platform
boxes, with support for Firefox and
Chrome browsers. Unlike KeePass, which
relies on third-party mobile support, all
Buttercup apps are native (and completely
f r e e). L i ke K e e P a s s , t h e r e’s n o p r o p r i e t a r y
server on which your password vault is
stored, but support for synching via the
cloud is baked into Buttercup’s DNA.
This is evident from the moment you
download and install the Windows client.
On first launch, you’re invited to click “Add
archive” to set up a new vault. From here,
you can create a new archive—which you
store locally—or choose “Connect Cloud
Sources” from the pop-up menu to create
an online archive for synching purposes.
The Windows desktop client supports
just four services: Dropbox, OwnCloud,NextCloud, and WebDAV (which includes
Box among its supported clients). Google
Drive is conspicuous by its absence,
despite the fact it’s an option in both the
browser add-on and mobile apps—as a
workaround, if you have Backup and Sync
installed on your computer, generate
a new local archive, and save it in your
Google Drive folder to make it accessible
to your browsers and mobile devices.
Next, enter a master password to
protect your newly created archive—
the usual caveats apply: Make it as long
as possible, and try to avoid making it
obvious. That said, it’s the one password
you need to remember going forward, so
don’t make things too difficult for yourself.
Click “Confirm” and retype the password
before clicking “Confirm” again.
One of Buttercup’s neat features is that
it makes it easy to manage multiple vaults
at the same time—you can create more
than one and switch between them easily.
Use this to segregate passwords from
each other—you could, for example, keep
all your online passwords in one vault
synched to your cell phone and browser,
while offline passwords remain stored on
your PC only.CREATING & MANAGING PASSWORDS
By default, the desktop application is
designed primarily to organize your
passwords into folders (or groups), plus
create new passwords from scratch.
Here, only title, username, and password
fields are provided—if you plan to
manually create web logons, you need
to click “Add new field,” enter “URL” for
the “Label,” then type the web address
into the “New Field” box to convert it into
something that works with the Buttercup
mobile app or browser add-on.
Look out for the magic wand button
next to the password feature—clickingAdd an ex tr a l ayer of securit y to your KeePassXC vault.Direct sync support is currently limited to four options in Buttercup. ©^KEYPASSX
C,^
BUTT
ERCUP,^
MI
CROSOFT,^8BITSOLUTIONSLLCpassword server
54 MAXIMUMPC DEC 2019 maximumpc.com