All Your Passwords, Everywhere – With a Secure Password Manager in ownCloud
Weak passwords are one of the main reasons for successful hacking attacks – password managers can protect you. With ownCloud, you can even share your passwords between devices.
Usually, security comes with a price. Most tools which can protect your online security, like javascript blockers or GPG, get in the way of your tasks. Password managers are an exception.
A password manager is one of the few tools which both protect you and make your life easier. You only need to remember one passphrase to decrypt your vault – then you can copy-paste all other passwords from there.
No reason to keep weird username/passphrase combinations in mind. No reason for 4 different passwords, of which one contains a * and two $$ characters, but another doesn’t, because the platform forbid it. No reason to type out all those passwords ever again.
Why Put Your Passwords in the Cloud?
One problem with password managers is that they usually stay on one device. This is more secure, but inconvenient – you may need your bank credentials on your phone one day, e.g. during vacations.
If only you had an ownCloud account to synchronize your passwords between all your devices, just as you are used to with your files. Fortunately, this is possible.
If you store your passwords in the cloud, you have to worry about who owns the server, of course. Here comes the ownCloud bonus: in contrast to other cloud storage providers, with ownCloud you know which admin you trust with protecting your passphrases.
With most password managers, and definitely with the two tools I’m showing today, you don’t even have to worry about that. The password vaults are encrypted with your master passphrase, so the admin can’t access them.
There are several password managers out there – the tools with the best integration into ownCloud are KeePassXC and Passman.
KeePassXC – All Your Passwords in One File
KeePassXC stores all of your passphrases in one file, the password database. It’s easy: you just download KeePassXC from the official website or the packages for your distribution, install it, and create a database.
The best way is to use the ownCloud desktop client. Then you can save it in your synchronization folder, so it stays in sync with your other devices.
If you want to access it on mobile, you have to install the ownCloud Android or iOS app, and a KeePass app like KeePassDroid. Then you can import the KeePass database from the ownCloud directory.
Add a Passphrase to Your KeePass Store
Pick a strong, long passphrase which you can definitely remember. This XKCD comic is very good advice on how to create strong passwords, which are easy to remember. Then you can start to save your passwords:
Built-in Password Generator
When you need a new passphrase though, you better use the built-in password generator. It creates random passwords, which are nearly impossible to guess. This is what it looks like in KeePassXC:
Export Your Credentials to Other Password Managers
KeePassXC is a great tool to start, and has almost all features you need. If you miss something and find another password manager which supports it, you can still export all your passwords to a .csv file and import it somewhere else.
For example into Passman, the second password manager I want to introduce:
Passman – a Password Manager Integrated Into ownCloud
If you don’t have admin rights and can’t install KeePassXC on your computer, then Passman might be the solution for you. It is an ownCloud app, the ownCloud admin installs it to the server.
Then it works in the browser – you can open it via the app tray in ownCloud. The first step is, as with KeePassXC, to create a password vault. Choose a strong passphrase:
Add Passwords to Passman
Then you can add passphrases to the password manager. It really works similar as KeePassXC, just the interface looks slightly different:
Of course a password generator is included in Passman, too. You can generate really secure passwords with one button. No one will ever be able to guess them (except quantum computers, maybe).
In the settings you can find some options how those passwords should look like. The default option (12 chars) is a bit short – you should pick something above 30. You will only copy-paste them anyway:
Optional: Import Your Credentials From Other Password Managers
Passman also has an import & export function – this makes migrating from something like KeePassXC a lot easier. It supports many different password managers. If you exported your KeePassXC passwords to a .csv file, you can import them like this:
You can also use the export and import feature to make backups from your passphrases – this way you can be sure you have a backup on your PC when the ownCloud goes down, or when you are offline. You can also import it into several other password managers.
This backup will be unencrypted though – if you don’t want to trust your admin with all of your passwords, you should not sync the backup to your ownCloud. Why would you? The passwords are already there, encrypted and secure.
What Is the Best Solution? What Is Most Secure? Pick Yourself!
There is no solution which fits everyone’s requirements – do you have admin rights at your work computer? Does your admin refuse to install the Passman app? Do you have an ownCloud mobile app? Do you use a Linux flavor where KeePassXC doesn’t run?
Try them out and choose the solution which fits for you. ownCloud is about customizability – you should be able to adjust it to your needs. If you find another tool which works better, tell us. But for now, you can try one of those:
Install KeePassXC on your computer!
Install Passman to your ownCloud!
Do you have other password managers to recommend? Leave a comment!
And feel free to show this post to your family & friends, if their bad passwords don’t let you sleep at night.