Blog

All Your Passwords, Everywhere – With a Secure Password Manager in ownCloud

Weak passwords are one of the main reasons for successful hacking attacks – password managers can protect you. With ownCloud, you can even share your passwords between devices.
All Your Passwords, Everywhere – With a Secure Password Manager in ownCloud

All Your Passwords, Everywhere – With a Secure Password Manager in ownCloud

Weak passwords are one of the main reasons for successful hacking attacks – password managers can protect you. With ownCloud, you can even share your passwords between devices.

Usually, security comes with a price. Most tools which can protect your online security, like javascript blockers or GPG, get in the way of your tasks. Password managers are an exception.

A password manager is one of the few tools which both protect you and make your life easier. You only need to remember one passphrase to decrypt your vault – then you can copy-paste all other passwords from there.

No reason to keep weird username/passphrase combinations in mind. No reason for 4 different passwords, of which one contains a * and two $$ characters, but another doesn’t, because the platform forbid it. No reason to type out all those passwords ever again.

 

Why Put Your Passwords in the Cloud?

One problem with password managers is that they usually stay on one device. This is more secure, but inconvenient – you may need your bank credentials on your phone one day, e.g. during vacations.

If only you had an ownCloud account to synchronize your passwords between all your devices, just as you are used to with your files. Fortunately, this is possible.

 

A woman sitting on a bed with a laptop

Don’t be fooled – not all hackers wear a black hoodie or a mask. At least not all the time.

 

If you store your passwords in the cloud, you have to worry about who owns the server, of course. Here comes the ownCloud bonus: in contrast to other cloud storage providers, with ownCloud you know which admin you trust with protecting your passphrases.

With most password managers, and definitely with the two tools I’m showing today, you don’t even have to worry about that. The password vaults are encrypted with your master passphrase, so the admin can’t access them.

There are several password managers out there – the tools with the best integration into ownCloud are KeePassXC and Passman.

 

KeePassXC – All Your Passwords in One File

KeePassXC stores all of your passphrases in one file, the password database. It’s easy: you just download KeePassXC from the official website or the packages for your distribution, install it, and create a database.

The best way is to use the ownCloud desktop client. Then you can save it in your synchronization folder, so it stays in sync with your other devices.

If you want to access it on mobile, you have to install the ownCloud Android or iOS app, and a KeePass app like KeePassDroid. Then you can import the KeePass database from the ownCloud directory.

 

Add a Passphrase to Your KeePass Store

Pick a strong, long passphrase which you can definitely remember. This XKCD comic is very good advice on how to create strong passwords, which are easy to remember. Then you can start to save your passwords:

 

ownCloud KeePassXC create password

Create a new password entry in KeePassXC.

 

Built-in Password Generator

When you need a new passphrase though, you better use the built-in password generator. It creates random passwords, which are nearly impossible to guess. This is what it looks like in KeePassXC:

 

ownCloud KeePassXC password generator

Use the built-in password generator of KeePassXC to generate a password.

 

Export Your Credentials to Other Password Managers

KeePassXC is a great tool to start, and has almost all features you need. If you miss something and find another password manager which supports it, you can still export all your passwords to a .csv file and import it somewhere else.

 

ownCloud KeePassXC export csv

You can export you passwords from KeePass into a csv file.

 

For example into Passman, the second password manager I want to introduce:

 

Passman – a Password Manager Integrated Into ownCloud

If you don’t have admin rights and can’t install KeePassXC on your computer, then Passman might be the solution for you. It is an ownCloud app, the ownCloud admin installs it to the server.

Then it works in the browser – you can open it via the app tray in ownCloud. The first step is, as with KeePassXC, to create a password vault. Choose a strong passphrase:

 

ownCloud Passman create vault

You can create a Passman vault directly in the web interface.

 

Add Passwords to Passman

Then you can add passphrases to the password manager. It really works similar as KeePassXC, just the interface looks slightly different:

 

ownCloud Passman add passwords

When you add a passphrase to Passman, you can also link a username and a login URL to it, even notes and tags.

 

Of course a password generator is included in Passman, too. You can generate really secure passwords with one button. No one will ever be able to guess them (except quantum computers, maybe).

In the settings you can find some options how those passwords should look like. The default option (12 chars) is a bit short – you should pick something above 30. You will only copy-paste them anyway:

 

ownCloud Passman Generator settings

You can specify how many different kinds of special characters will be in your generated passwords.

 

Optional: Import Your Credentials From Other Password Managers

Passman also has an import & export function – this makes migrating from something like KeePassXC a lot easier. It supports many different password managers. If you exported your KeePassXC passwords to a .csv file, you can import them like this:

 

ownCloud Passman import KeePass passwords

In the settings, you can choose to import passwords from many different password managers.

 

You can also use the export and import feature to make backups from your passphrases – this way you can be sure you have a backup on your PC when the ownCloud goes down, or when you are offline. You can also import it into several other password managers.

This backup will be unencrypted though – if you don’t want to trust your admin with all of your passwords, you should not sync the backup to your ownCloud. Why would you? The passwords are already there, encrypted and secure.

 

What Is the Best Solution? What Is Most Secure? Pick Yourself!

There is no solution which fits everyone’s requirements – do you have admin rights at your work computer? Does your admin refuse to install the Passman app? Do you have an ownCloud mobile app? Do you use a Linux flavor where KeePassXC doesn’t run?

Try them out and choose the solution which fits for you. ownCloud is about customizability – you should be able to adjust it to your needs. If you find another tool which works better, tell us. But for now, you can try one of those:

 

Install KeePassXC on your computer!

Install Passman to your ownCloud!

 

Do you have other password managers to recommend? Leave a comment!

And feel free to show this post to your family & friends, if their bad passwords don’t let you sleep at night.

ownCloud

March 11, 2019

Read now:

Understanding Web Applications in oCIS

Understanding Web Applications in oCIS

In today’s fast-paced digital world, web applications play a crucial role in enhancing user experience and functionality. Infinite Scale comes with a world-class web interface to manage file resources, but it can be extended by utilizing ownCloud Infinite Scale (oCIS) as a construction set for custom web apps.

read more
Full digital sovereignty has 3 levels

Full digital sovereignty has 3 levels

Digital sovereignty is becoming increasingly important for public authorities and companies – and they already have the option of using fully sovereign software stacks. Content collaboration specialist ownCloud explains what sets them apart.

read more