Happy Free Software Day and thank you KeePassXC for your awesome work! <3
One of the cornerstones on how to keep yourself secure in the modern world is to use strong passwords + 2FA and encrypted communication methods when living your life on the net. To manage all the complex passwords needed for the services you use you should let a password manager do all the hard work.
At Seravo we prefer to use offline password managers such as the open source KeePassXC, which is the modern fork of the older and still popular KeePass-project. For a long time the online password managers had the advantage of good browser integrations, since they are by definition made for online use, making them the go-to solution for the basic user.
Fortunately the makers of KeePassXC didn’t just accept this situation but started working on their own official browser integration. The extension is currently available for Chromium based browsers as well as Firefox and Edge. You can also get the package for the plugin via Debian packages if you wish.
What is it for?
The extension allows the user to easily to log in to an online service via browser, using the username and password from the password manager, without needing to manually input the username and password. This is instead done simply with a few clicks from the UI provided by the extension within your browser, no copy-pasting needed!
Using the extension you will remove the need for the passwords to be saved in clear text to the browser or to trust in a commercial online password manager provider.
Is the extension secure?
The official browser integration for the KeePassXC password manager is developed and maintained by the KeePassXC developers themselves. Unfortunately KeePassXC has not yet been audited by an external security company, read more in their FAQ. The KeePassXC-project is also completely open source and found by multiple users to be truly offline password manager, as all the code is available for the world to see. Still, we’d hope to see the project’s codebase being audited at some point.
The browser extension does not transform the KeePassXC password manager to an online one, so no password data is not sent to some external server as there is feature that needs that. Also, the extension does not work if you haven’t unlocked the password database, so it doesn’t work on itself as it’s not saving any passwords in it.
How do I install it?
I recommend you either get the extension via the Debian repository or download the extension via the official browser stores. Also check the KeepassXC FAQ for more specific questions about the tech behind the project.
Below you’ll find the steps to enable the extension in a browser:
1. Install and configure the KeePassXC password manager
2. Enable the browser integration from the settings
3. Install and setup the extension to your browser of choice
4. Refresh the extensions connection or restart your browser (depending on the browser)
5. Try to log in to a service with credentials you have saved into the password manager
Now you’ll have a more smooth experience when logging in to services on the web!