Document Actions

Instructions - Password Manager KeepassXC

With the password manager KeepassXC, any number of passwords can be stored together with additional information for applications and websites.

Put an end to password paperwork

Do you feel the same way?
At the latest when you have to deal with more than three passwords, you tend to make life easy for yourself by using the same password for different services, for example, or even writing the passwords down on a piece of paper. Both can lead to serious security problems, even if the sheet of paper with the passwords is not lost.
These security problems don't have to be!

Protect yourself and others by using a trustworthy password management program!
This is a program that stores many different passwords and the corresponding user accounts in an encrypted database. You only need one master password for access and can easily use different passwords and always have rarely used passwords at hand.

The information security team recommends the program KeepassXC for this purpose.

Download KeepassXC:
KeepassXC

 

Setting up KeepassXC

 

Create a password database

After you have installed KeePassXC, open the application.

Click on 'Create new database'.

 

Enter a database name for your new database, e.g. 'My passwords'.

 

The encryption settings can be applied as suggested.

 

Choose a secure master password that you can easily remember since it grants access to all your passwords.

For the master password we recommend the following:

  • Minimum length of 12 characters
  • Maximum length of 20 characters
  • At least two special characters
  • At least two capital letters
  • At least two numbers

 

Select a storage location where the database is to be saved. To prevent data loss due to a hardware defect, save the database either under Winfile or in JLUBox. 

Once the new database has been saved, the application overview opens, see below.

Open the password database

When starting the KeepassXC application, enter your master password to open the password database.

 

Note: If you are not prompted to enter the master password, you can look under 'Recent databases' to find the password database.

 

Application overview

  • A. Vault Explorer: The Vault Explorer can be found on the left-hand side of the main window and shows the hierarchy of your groups in the KeePassXC database. You can navigate through your groups here to view the passwords they contain.
  • B. Search and Tags: The Search and Tags area is located at the bottom left of the main window and can be used to delete a search, list all entries, list expired entries, or display weak passwords.
  • C. Entry list: The entry list is located in the middle area of the main window and displays all entries that are in the selected group.
  • D. Details area: The details area is located at the bottom right of the main window and displays the details of the selected entry from the entry list.

 

Toolbar

  • A. Database - Open Database, Save Database, Lock Database
  • B. Entries – Create Entry, Edit Entry, Delete Selected Entries
  • C. Entry Data – Copy Username, Copy Password, Copy URL, Perform Auto-Type
  • D. Tools – Password Generator, Application Settings
  • E. Search

Context menu

Right-click on the vault explorer to open a context menu in which you can create, edit, and delete new groups.

If you create a 'New group', for example, you adopt the default settings offered and assign a name for the group.

 

Save a password

In the vault explorer, select a folder in which the new password entry should be saved.

 

Click on 'Entries' in the menu bar and select 'New entry'. Alternatively, you can also click on the symbol with the plus sign (+) in the toolbar. A new window opens in which you can enter the details for the entry. Enter the title of the entry, e.g. the name of the website or service. Enter the user name for the entry. Enter the password for the entry or click on the dice symbol next to the password field to generate a secure random password. Please note that passwords for websites can only be entered automatically if the corresponding URL (link) is also entered in KeepassXC. Optionally, you can add more information such as notes or tags to organize the entry.

Click on 'OK' to save the new entry.

 

Assign several URLs to one password entry

You can also specify several URLs for an entry, which are then used for the browser integration. This is helpful for the HRZ account, for example, which is used for various systems.

To set additional URLs for an entry, click on Browser integration on the left and then include the relevant URLs under 'Additional URLs'.

 

Set up the browser extension in KeePassXC

Click on Tools in the menu bar and then on Settings. In the Application settings window, click on Browser integration on the left. Select 'Activate browser integration'. The browser used must be selected a little further down, in this example 'Edge'. Once the browser integration has been activated and the browser used has been set, you can click on “Ok”. 

 

Install the KeepassXC browser extension

After you have activated the browser integration in the KeepassXC application, the KeepassXC browser extension must be installed in the browser you are using.

The KeepassXC browser extension can be installed in the respective browser app store:

Edge

Chrome, Vivaldi, and Brave

Firefox

 

Connect KeePassXC and the Edge Browser

Once the browser extension has been installed, the connection to KeepassXC can be established. To do this, the KeePassXC application must be started with the password database unlocked. In the Edge browser, click on the icon that looks like a puzzle symbol and then click on KeePassXC Browser.

 

Now you can connect the KeepassXC application to your browser using the Connect (Verbinden) button.

 

Enter a name for the KeePassXC connection and click on 'Save and allow access' ('Speichern und Zugriff erlauben').

 

Using the browser extension

The browser extension from KeepassXC inserts a status symbol in the login fields of the websites visited. The symbol can be used to enter the user name and password in the login screen.

The status of the software can be recognized with the symbol: 

  •  Connected to KeePassXC and ready to use

 

  • Connected to KeePassXC but the password database is locked

 

  • KeePassXC is not started or the browser extension is not connected to the application

 

Example of logging on to StudIP 

When you log in for the first time, KeePassXC recognizes the login form and suggests an account that was previously created in the database. You can save the assigned account permanently using the 'Remember me' selection field.

Important: The websites are only recognized if the corresponding URL (link) is also entered in KeepassXC.

 

 After you click on 'Allow selection' (previous screenshot), the login data is entered.

  • Each time you visit the website again, you can use the lock symbol to enter your login data in the future.