Managing access credentials

Key Moments

Browser Integration

If you use a browser extension, Buttercup will also fill in the access credentials directly in the web browser. For Chromium, Firefox, and their derivatives, first install the respective browser extension. After that, an icon appears in the browser toolbar to the right of the URL input box.

Clicking on this icon lets you integrate an existing desktop archive into the browser extension. To do this, click on Add Vault in the add-on dialog. The routine now opens a new page and asks for the source of the archive. You can choose between various clouds, local WebDAV sources, and the Local File option.

If you choose an archive, the desktop application generates a six-digit authentication code in a separate window, which you enter in the Authorization Code field in the browser. Then click on Connect to Desktop (Figure 3); the desktop application must already be open. Finally, transfer the desired archive from a file manager displayed by the desktop application. Browser integration is now ready for use. If you want to link several archives with one add-on in the browser, repeat the procedure.

Figure 3: A local file acts as the data archive. If desired, you can also store your data safe in WebDAV or various online services.

To access the credentials, the desktop application must be running at initial setup and whenever the web browser is opened for the first time. In addition, you need to re-enter the master password in the web browser to open the desired archive. A special window is displayed to help you do this. The data stored in the archive can only be accessed after completing these steps.

From now on, if you call up a website that has access credentials stored in the Buttercup archive, the software will automatically fill the fields with data. To allow this to happen, click on the padlock icon next to the input line for the username and enter the name of the archive entry in the Find Entries line. Assuming that Buttercup then displays the name of the archive entry below, click on the entry, and the authentication data is automatically transferred to the web browser fields.

The browser extension is not a standalone application. To open and use the archives, you first need to start the desktop application (i.e., unlock the appropriate archives using the master password). Without this step, the web browser plugin will only display an error message when you try to open an archive.

To add new entries to the open archive, you do not have to take a detour via the desktop application. Simply enter your username and password for the website. The add-on will then display a message in the upper right corner of the browser window, asking if you want to save the access credentials. If you press Save , the routine opens a new browser tab in which you can enter the access data (Figure 4).

Figure 4: Enter additional access data in the browser for later backup to the archive.

Under Archive and Group , use the drop-down menus to select the archive and group where the new entry will be stored. After saving, the data is stored in the archive and available for future access to the website via the add-on. You can also open the new entry in the desktop application for editing, if necessary.

Information Exchange

Buttercup imports datasets from several other password managers if required. For this purpose, it supports CSV, XML, JSON, PIT (file type 1), and BCUP; you can use various derivatives of the CSV format depending on the source application. Buttercup also uses CSV to export the existing data. The respective dialogs can be opened via the File | Import or Export menus.

KeePassXC

KeePassXC [7], a community fork of the cross-platform KeePassX password manager, offers a graphical interface and is installed locally. KeePassXC's range of functions goes far beyond that of a conventional password manager. The application includes a password generator and an export and import function that lets you use content in other database formats across applications. KeePassXC also has browser integration for all common web browsers. An auto-type function ensures automated entry of authentication data from the KeePassXC database in various applications and services.

In addition, KeePassXC pays attention to security. It stores all data with AES-256 encryption, which makes it virtually impossible for unauthorized third parties to read the secured access data. The software is available from the repositories of the major Linux distributions and can easily be installed using the corresponding graphical package management routine. In addition, a PPA archive is available for Ubuntu. For the new package management systems, Snap and AppImage, binary archives are also available on the project website [8], as well as a Flatpak package on Flathub [9].

After opening KeePassXC for the first time, you will see a clear-cut program window (Figure 5), where you first create a new database. Alternatively, you can open an existing database or import data from third-party applications in the welcome screen; there are separate dialogs with corresponding buttons for these actions.

Figure 5: KeePassXC impresses with an uncluttered interface when first launched.

If you select Create new database , a new window will open with a wizard that mainly lets you to configure the encryption. To do so, tweak the various basic settings in the Encryption Settings dialog.

To control the cryptographic configuration in detail, click on Advanced Settings in the bottom right corner. This opens a dialog where you can select an algorithm to encrypt your data. AES 256-bit is used by default, but you can switch to the Twofish or ChaCha20 algorithms, which also rely on 256-bit keys. If you have powerful hardware with multicore processors and multithreading enabled, you can also specify the number of threads to be used in parallel in this dialog.

In the following dialog, you can then set the master password for the database.

Finally, you are taken to the main KeePassXC window, which also appears if you are loading a previously created database. At the top of the main window, you will find the menubar with a buttonbar below for fast access to KeePassXC's most important functions.

Below the menubar and buttonbar, the main window is divided into three panes (Figure 6). In the left pane, access credentials are grouped by category in a tree structure. In the upper right pane, KeePassXC displays a corresponding list of the selected group's entries that have individual authentication credentials. In the lower-right pane, you will find the data for the selected entry. Even if you create a new database structure, this program window layout does not change.

Figure 6: KeePassXC secures access data in a clear cut way, offering instant retrieval.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus