How to manage multiple passwords on Linux

Password-based authentication is so prevalent online that you probably cannot count how many passwords you use. In fact, according to the NorSIS Password Survey 2012, the average minimum number of private passwords per person is 17. Another study found that 82% of people have forgotten a password at least once.

What makes things worse is that different sites maintain different password policies (e.g., in terms of password length, formation, duration), forcing you to set a wide variety of passwords with different life cycles. While technological advances (e.g., OAuth) try to address the explosion of site-specific credentials, they are not a perfect solution. Until a good alternative becomes mainstream, passwords will not die any time soon.

This is where GUI-based password manager software such as KeePass comes in handy. KeePass is an open source (GNU GPLv2+), OSI-certified, lightweight password manager. It allows you to manage your passwords in a secure database, which is locked with a master key and/or a key file. The Linux port of KeePass is available as KeePassX. Its features include:

  • User-friendly password management with grouping and search.
  • Support for password expiration date.
  • Database encryption with AES (256 bit) or Twofish (256 bit).
  • Customizable generation of secure passwords.
  • Autofill (experimental).

In this tutorial, I will describe how to manage multiple passwords on Linux with KeePassX.

Install KeePassX on Linux

To install KeePassX on Debian, Ubuntu or Linux Mint:

$ sudo apt-get install keepassx

To install KeePassX on Fedora:

$ sudo yum install keepassx

To install KeePassX on CentOS or RHEL, first enable the EPEL repository, and then run:

$ sudo yum install keepassx

Manage Passwords with KeePassX

To launch KeePassX, simply run this command:

$ keepassx

The first time you use KeePassX, you need to create a new password database. To do so, click on the "New Database" icon on the top left panel. You will be asked to supply a master key, which unlocks access to your password database. As the master key, you can use a simple password, a key file, or both.
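One way to prepare a key file on the command line before selecting it in the master key dialog, as an added example that is not part of the original tutorial. `make_keyfile` and `keyfile_perms` are hypothetical helper names, and the script assumes KeePassX accepts a file of 32 random bytes as a key file:

```shell
#!/bin/sh
# Added example: create a random key file for a KeePassX database.
# make_keyfile / keyfile_perms are hypothetical helpers, not KeePassX commands.
# Assumption: KeePassX accepts a file of 32 random bytes as a key file.

make_keyfile() {
    keyfile=$1
    [ -n "$keyfile" ] || { echo "usage: make_keyfile PATH" >&2; return 2; }

    # Never overwrite: replacing a key file that is already tied to a
    # database makes that database impossible to unlock.
    if [ -e "$keyfile" ]; then
        echo "refusing to overwrite $keyfile" >&2
        return 1
    fi

    # Create the file with owner-only permissions (0600). The subshell
    # keeps the caller's umask and shell options untouched.
    (
        umask 077
        set -C    # noclobber: fail if the file appears in the meantime
        head -c 32 /dev/urandom > "$keyfile"
    ) || return 1

    # Verify that 32 bytes of key material were actually written.
    size=$(wc -c < "$keyfile" | tr -d ' ')
    if [ "$size" -ne 32 ]; then
        rm -f "$keyfile"
        echo "short read from /dev/urandom" >&2
        return 1
    fi
}

# Permission string of a file as shown by ls, e.g. "-rw-------".
keyfile_perms() {
    ls -ld "$1" | cut -c1-10
}
```

Store the key file apart from the database file (for example on removable media) and keep a backup of it, since a database protected by a key file cannot be opened without it.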

Once you have created a database, you can add password entries to it. Click on the "Add New Entry" icon.

Fill in your credential details, including the password. Don't forget to save the changes to the database.

To access your password in a particular entry later, right-click the entry, and select the "copy password to clipboard" option. Your password will then be copied to the clipboard, from which you can paste it into any password field. Note that for security reasons, the plain-text password copied to the clipboard will automatically be removed after 20 seconds.

KeePassX maintains individual password databases in an encrypted fashion. To change the encryption algorithm used in the current database, go to "File" --> "Database Settings".

To update the KeePassX configuration, go to "Extras" --> "Settings". Here you can change various security-related settings.

To conclude, KeePassX offers a user-friendly UI for managing multiple passwords in a Linux environment. If you have any other tools to recommend, feel free to share them in the comments. For example, if you prefer non-GUI tools, you can consider pass, which is a command-line password management tool.

3 thoughts on “How to manage multiple passwords on Linux”

  1. Hi! :-)
    Personally, I have stored my pwds inside an Open Office spreadsheet, that I have inside a Truecrypt volume (on my Windows partition). This way, I can decrypt it and access my pwds.

    Of course one can save the Truecrypt volume on his Linux partition (although this way he can't access it from Windows).

    Truecrypt has an easy to use official installer and also some PPA repositories (for *Ubuntu).

    Note: Truecrypt has a somewhat obscure open source license. Some guys consider it something like freeware + source code.

  2. One of the other great features of KeePassX that I use all the time is that it can auto-type your username/password by pressing control+V in KPX. By default it switches to your previously-focused window, then acts like it's typing your username, pressing {tab} then typing your password and hitting enter. You can change up the sequence of characters that it sends if you need to customize that (such as tabbing twice to advance past some checkbox or help-link).

    I just wish there was an easy way to keep the DB synced across various computers. :-/

  3. Use LastPass. Seriously....use LastPass. I used Revelation for years, laboriously manually exporting my database to Keepass for Android every so often, and it was okay, but clunky and a pain copy/pasting stuff all the time and exporting to Android and realizing I'd forgotten to export to Android since I created that password I *really need on my phone right now*...

    LastPass is just a dream in comparison, and you can configure it to be very secure and non-cloudy (slightly less convenient, but still better than a standalone) if that's putting you off. I only wish I'd switched earlier.

    (Make sure you install both the extension for your browser *and* the native app on your phone - using the native app is way more convenient when entering passwords in non-browser apps).
