
Using KeePassXC Can Increase Password Security While Simultaneously Increasing Ease of Use

TyperTech

Before I realized the actual capabilities of KeePassXC I was trying to memorize insane passwords and this discovery made my life much easier. So, I figured I'd share this information with the rest of you. Sorry if this is a redundant, oft-covered topic.

From the inception of my DNM endeavors, I've stored my passwords within KeePassXC because I was trying my best to adhere to the DNM Bible's guidelines. I would store my username, 1 out of a few very low quality passwords specific to whichever account I'm trying to store at the time, along with my mnemonic.

However, while I'm sure this isn't the absolute worst way to go about saving your info, I recently made the discovery that KeePass has the capability of generating a randomized password for you. To accentuate this, under the advanced menu within the password generator, it also allows you to choose from character sets and which specific types of alphanumeric symbols/punctuation marks/misc symbols that you would like to be included in your generated password; you can also select whether you'd like it to include a character from each selected set, and also the option to exclude any look-alike characters.

To begin creating a new password entry with a password generated by KeePassXC the steps are as follows:

1) At the top menu bar in TailsOS, under the applications drop down menu, you'll find KeePassXC within either the favorites, or the accessories sub-menu. Its indicating symbol is a filled in green circle with a whitish key inside of it. Click to open.
2) If this is not your first time ever opening KeePassXC then unlock your current database and skip to step 3. However, if it is your first time, continue following step 2: First timers will need to create a database. Don't let the terminology confuse you, it's simple. Name your database whatever you'd like to reference it as (the file that stores your database containing any info and passwords you’ve saved will also be labeled with this name.) Enter a self-created password (I have one really good password made by KeePass that I've been able to remember. The password you pick to use in the creation of your database should be one you'll be able to remember by heart if you were to ever lose your usb/backup but also one that can’t be easily guessed by a potential infiltrator.) And finally save the created file in your persistent storage.
3) Now you should have KeePassXC running, and you should be within your database. To begin the process of storing a password within KeePassXC you need to start by clicking the + button within a circle located in the horizontally running bar of bold icons at the top of the screen.
4) After clicking the + button within the circle you'll have a list of prompts to follow, the first one being "Title." I usually make the title the domain name of whatever market, email, etc that this account info will be saved for. For this example we'll be saving a hypothetical NSFW account. So, I would make the title "NSFW TITLE."
5) The next prompt is going to be your username; your username is obviously whatever you have chosen to use. Fill it in.
6) So here it is, the security and convenience enhancing part. The prompt following your username is going to be "Password." So to enter the included password generator you have to click the button that's shaped like a square with a line cutting it in half diagonally. This button is located at the far right hand side of the password entry bar. It's directly next to the button shaped like an eye that allows you to see what you've typed of your password so far.
7) Upon clicking the diagonally cut square button, you'll see a blocked out password (along with the rest of the password generator settings) that's already been created using default settings ready to go. Now you could just stick with this password, but I'd recommend using custom settings.
Under the bar containing the blocked out password you'll see its determined strength, as well as the entropy (the entropy of a random variable is the average level of "information," "surprise," or "uncertainty" inherent to the variable's possible outcomes.) Beneath where it says "Password Quality" you'll have a switchable menu allowing you to choose a password or a pass-phrase respectively. For this example we'll stick with a password.
The first variable option to decide on is the length of the password. You can either use the provided slider bar, or type in an exact number on the far right. I like to make my passwords 40 characters (as opposed to the default 20 characters) unless the account I'm making doesn't allow for that many characters. This alone pushes your password into one of the strongest possible options you can choose according to KeePass' password quality meter represented by a green bar directly underneath the blocked out password.
Secondly you'll need to click the "Advanced" button located to the far right of the password length slider and text box. This allows more specificity when it comes to character selection in your password. Some sites have more password restrictions in place than others, making it invaluable to be able to block any invalid characters from being added into your password. Also, if you ever do have to type out a password, some of the characters that have the option to be included are ones that you'll have trouble typing on a keyboard. Just some things to keep in mind. You can select which (or all) character sets you'd like to include by clicking on the pre-grouped options that turn from grey to green when selected. Beneath the pre-grouped character sets will be two text bars: one allowing you to type in specific characters you'd like to include, and the other for any characters you would like to exclude from your password.
Then you'll see two boxes that should already be pre-checked. One being to "Exclude Look-alike Characters" and one confirming that you would like to include at least one character from every selected character set. In my opinion it's wise to keep both of these boxes checked.
8) At this point your password is basically ready to be created, but I like to click the uncover eye button located at the far right of the password entry bar at the top of the generator pop-up so I can just see that it looks randomized and did not include any characters I didn't want.
9) Now you can go ahead and finish the password generation by clicking "Apply Password" located at the very bottom right hand side of the generator pop-up within KeePassXC. This will close the Generator window and bring you back to the entry creation page of this NSFW account info that we've been working on saving. Although now it will include the generated password, filling its text box as well as all the previous fields we’ve entered in the process.
10) Now that we're back on the entry creation page, you have the fantastic option of choosing to add a URL (or onion) to this entry as well. This has proved to be a very smart option in aiding the speed of logging into any given site without simultaneously breaching your OpSec. It also allows you to keep the same verified link (if you don't know how to verify links there's tons of guides on NSFW, UTFSE) saved so whenever you're going on a market, forum, email service, etc., meaning that you'll virtually eliminate the possibility of getting phished from DN Indexes like dark fail or darknetlive. It also removes the steps of having to go onto an index and finding your desired link, then verifying it, and all that jazz. You can literally have the Tor Browser starting while you open your KeePass database and (after adjusting your Tor Browser's security settings, of course) you can simply single-click to select/highlight (without fully opening) which account info/password entry you'd like to use on KeePass, and at the bottom of the main page, it'll have a summary of the included information within that entry. So without ever leaving the KeePass home screen you'll be able to double click your pre-verified link and have it open just like that.
11) You also have the option of creating an expiry date for your password. I've read that some people like to set an expiration for their passwords (as well as PGP keys) so that way they can keep rotating out old (possibly leaked) passwords. I personally don't use this feature; it's completely up to you.
12) Finally in the final section labeled "Notes" I usually store my mnemonic for the respective account. I find this area to be the most convenient place to store this, considering the possible consequences if one were to lose it.


!!!!CONGRATULATIONS!!!! You now have a randomly generated password set to your personal specifications along with the rest of whichever account’s information that you're saving, all organized into an entry within your KeePassXC database. I like to create these entries in the moments that I'm creating any new account. That way I don't create an entry early and end up going against the password requirements given by a site forcing me to edit it anyway.

PRO TIP: Now that you have your entry created, you have choices when it comes to inputting your login information when you're logging into a market or wherever.
When you're on the NSFW login screen (or wherever) you'll need to fill in your username, password, and captcha in order to gain access to your account. So you could just type your username as usual and then copy and paste your new behemoth password, followed by a correct captcha entry.
However, I've discovered that the "Auto-Type" feature within KeePassXC makes logging in much easier. So instead of the usual method of logging in, this time we're going to fill out the captcha first (the auto-type sequence ends with the enter key if you do it the hot-key way I'm going to explain. So, without entering the captcha first, it will auto-type your info, but not the captcha, then hit enter. This forces you to have to do it again in a case where you didn't fill out the captcha first.) After entering the captcha you'll want to click on the bar where you'd normally enter your username, as if you were actually going to type it in. Now while you're selected on the username text box you'll click on KeePassXC on the bottom menu bar of TailsOS, then you'll select the account you're logging into (just highlight it by clicking once, you don't have to double click and actually enter the entire entry) and press the following button sequence on your keyboard: CTRL+SHIFT+V
This should automatically route you back to the login screen that you were just on, and instantly start typing your username and password for you. In my experience I've found this method of password creation/storage, account information storage, and market/forum/email access link storage to be the most convenient as well as a way to maintain a higher level of account information security than you might have had previously.

Anyway, I hope this post is able to help someone, and I hope I didn't post any misinformation about anything here in regards to the enhancing of security. If I did, please bring it to my attention so I can edit it out and replace with the correct info. Thanks guys.
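
Added example, not part of the original post and not KeePassXC's own code: a Python sketch of the generator settings described in step 7 (length, character sets, look-alike exclusion, one character from every selected set), with the entropy estimate for 20 versus 40 characters. The look-alike list and the function names are assumptions made for illustration.

```python
import math
import secrets
import string

# Assumed look-alike list for illustration; KeePassXC's own list may differ.
LOOKALIKES = set("0O1lI|")

def build_sets(lower=True, upper=True, digits=True, symbols=True,
               exclude="", skip_lookalikes=True):
    """Return the selected character sets with banned characters removed."""
    groups = [g for on, g in ((lower, string.ascii_lowercase),
                              (upper, string.ascii_uppercase),
                              (digits, string.digits),
                              (symbols, string.punctuation)) if on]
    banned = set(exclude) | (LOOKALIKES if skip_lookalikes else set())
    cleaned = ["".join(c for c in g if c not in banned) for g in groups]
    return [g for g in cleaned if g]

def generate(length, sets):
    """Random password with at least one character from every set."""
    if not sets or length < len(sets):
        raise ValueError("length must cover every selected character set")
    pool = "".join(sets)
    chars = [secrets.choice(s) for s in sets]           # one per set
    chars += [secrets.choice(pool) for _ in range(length - len(sets))]
    secrets.SystemRandom().shuffle(chars)  # hide which slots were forced
    return "".join(chars)

def entropy_bits(length, sets):
    """length * log2(pool size): an upper bound, since forcing one
    character per set rules out a small share of possible passwords."""
    return length * math.log2(len("".join(sets)))

if __name__ == "__main__":
    sets = build_sets()
    for n in (20, 40):
        print(n, "chars:", round(entropy_bits(n, sets), 1), "bits")
    print(generate(40, sets))
```

Every extra character adds the same number of bits, so going from 20 to 40 characters doubles the estimate, while excluding characters shrinks the pool and lowers the bits per character slightly.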
 