Take control of your passwords and login details with KeePassXC

An online password manager is at risk of being hacked. Take control of your site logins by storing them in and encrypted database using KeePassXC on the Mac

A password manager is an essential tool because it is impossible to remember all your login details. Instead of online or paid tools, KeePassXC is free and offers security benefits.

There are many password managers and some run as applications on the Mac, while others are accessed online through the browser as you surf the web. Some password tools are very good and LastPass for example, is a popular choice for many people.

However, a problem with an online service is that you are trusting your login details for banks, online stores and every site you use to someone else. What if the service gets hacked?

Every week we hear about one site or another getting hacked and losing customer login details. Could a password service be hacked? Yes, it is possible. Just Google ‘LastPass hacked’ for example, to see reports of problems.

This is a major concern when you store all your login details online.

Other password apps may store your login details in on the Mac, but if you have more than one computer, do they sync your passwords everywhere you need them? Is that sync secure? Is it cross platform and compatible with Windows or Linux PCs?

Safari can remember all your passwords, but they cannot be accessed if you use Chrome. This could be a deal breaker and it force you to use another password manager.

KeePassCX is a cross platform app that is based on the popular KeePass password storage utility and it has a number of useful features. For example, it could be used as a backup for your current password manager.

If you lose one then you always have the other. You won’t be locked out of all your accounts if you lose access to your main password manager.

KeePassXC could be used as your main password manager instead of a paid service because it is free open source software.

It could be used instead of an onlinbe service if you are worrked it might one day be hacked.

KeePassXC is not quite as smoothly integrated into the operating system as some password managers, but it is certainly usable. The security is good and there is a way to securely sync your login details across computers.

Related: 15 ways to increase the security of your Mac
Related: Does a VPN slow down the internet?

1 Download and install

Go to keepassxc.org and download KeePassXC. Open the .dmg file and drag the app to the Applications folder.

The first time you run KeePassXC, do not double click it because it will not work due to macOS security restrictions. MacOS just says it is an unknown app and therefore will not run it. The first time KeePassXC is run, Ctrl+click it and select Open.

Ctrl+click KeePassXC on the Apple Mac the first time it is run

2 Open KeePassXP

A message appears and clicking Open runs the app.  (After this first run you can just double click KeePassXC to run it.)

macOS displays a warning when you try to run unknown apps

3 Save the database

Passwords, usernames, notes and other information stored in KeePassXC is saved to a very secure and encrypted database. Passwords.kbdx is suggested, but it can be anything.

The location where it is saved is an important consideration. It could be stored on the Mac’s disk, but then it would not be available on other computers.

If you use online storage, such as Dropbox, Google Drive, OneDrive or similar service, store it in the synced folder. It will then be synced to your other computers - Mac or PC - and your passwords will be accessible from anywhere.

Create a new encrypted database for KeePassXC on Google Drive

4 The main screen

KeePassXC opens and displays the main screen. It will not show much until some passwords are added. Click the third icon in the toolbar to add a new entry.

The KeePassXC main screen on the Apple Mac

5 Store the password details

In this screen I will store the login details for the Dropbox website, but it could be any site or service you use. Enter the title, username and password (twice). Then enter the URL of the website.

Create a new entry for a username and password in KeePassXC on the Apple Mac

6 Configure Auto-Type

Many password managers integrate with web browsers so that you can easily log into websites. KeePassXC does too, and the feature is called Auto-Type.

Many websites and services have a simple login form. There is a username box and a password box. KeePassXC can fill these in for you. I’ll be using Dropbox, which has a typical and very simple sign in.

More complicated signin forms can be automated by setting a custom Auto-Type sequence. The KeePass Auto-Type documentation explains this in detail.

For Dropbox and similar simple forms, just add the name of the browser window - the name on the browser tab in Safari - and select the default sequence.#

Configure Auto-Type in KeePassXC to automatically enter usernames and passwords at websites

7 Go to a website

Now that we have created an entry in KeePassXC, let’s see how it works. Go to the website you added, which is Dropbox in my case. Click the Sign In link if necessary. Here is the Dropbox sign in form.

The Sign In form at the Dropbox website

8 Use Auto-Type

Now here’s where the app gets a bit clunky. Switch to KeePassXC, right click the entry you need (I have only created one so far), and select Perform Auto-Type.

KeePassXC automatically switches to the last window that had the focus and enters the username and password. It isn't as slick as other password managers, but it works OK.

Use Auto-Type in KeePassXC to log into websites

9 Passwords in Safari

The login went perfectly without a hitch. Safari detected the log in and asked if it should save the password. It is up to you and it might be useful to have the login details stored both by Safari and by KeePassXC.

Select Never for This Website if you want to store login details only in KeePassXC.

Safari on the Apple Mac offers to save website login details like passwords

10 We’re in!

That’s it, Dropbox appears in the browser and the login process is done. Now add all your other site login details.

The Dropbox website in Safari on the Apple Mac

Pros and cons of KeePassXC vs other password managers

Pros

  • You are in charge of your site logins and no-one else has access.
  • You can store the KeePassXC encrypted database anywhere you want
  • KeePassXC’s database can be synced across computers by storing it in a synced folder like Dropbox or Google Drive.
  • Auto-Type logins can be created to save typing. There are also toolbar buttons to copy usernames and passwords for pasting into login forms.
  • No worries about your password manager being hacked

Cons

  • You have to manually create entries for login details, whereas some other password managers capture this automatically.
  • You have to switch to KeePassXC to log in to a site.
  • It is a bit clunky and not as slick as some other password managers.

 

Share

Comments

1

What a great idea! We have so many areas of our life that requires passwords today and it is very easy to forget. Thanks for the instructions on how to use the software.

Add new comment

By submitting this form, you accept the Mollom privacy policy.

Related items you will like...