Keepass To 1password




Inside This Article

KeePass is a powerful password manager for the desktop that is available for Windows officially and through forks for other operating systems as well. I used to use online password managers like LastPass but switched to KeePass for a number of reasons, one being that I wanted to be in full control over my passwords.

There are more than 100 alternatives to 1Password for a variety of platforms, including Windows, Mac, iPhone, Android and iPad. The best alternative is KeePass, which is both free and Open Source. Other great apps like 1Password are Bitwarden (Freemium, Open Source), LastPass (Freemium), KeePassXC (Free, Open Source) and Enpass (Freemium).

Password sharing is another category in which 1Password has an edge over KeePass. With 1Password, you have the ability to share passwords with family members, friends and colleagues, making it easier to access shared accounts. Sharing passwords within 1Password is simple; just move the password into your shared vault and invite the other person.

Of course, I couldn't realistically avoid things like automatic syncing of the password database, so I came up with my own solution of using Box.com to sync the .kdbx file across my devices, while using an offline KeePass-compatible Android app. My reasoning is that, since the KeePass applications function offline and the syncing applications.

This tutorial will save you so much headache! KeePass is an open source and free to use password manager and something everyone should use to get track of th.

1. Introduce Free Password Manager - KeePass
2. Beef up your security with a key file
3. How to back up KeePass
4. Use KeeForm to log into a secure website automatically
5. Use Auto-Type to log in a web page automatically
6. Use On-Screen Keyboard with KeePass
7. Open URLs in different web browsers
8. How to use KeePass in a more secure way

Beef up your security with a key file
KeePass is one of my favorite pieces of free software. It's free, open source, and very secure. My hat off to Dominik Reichl.
There are three ways to log into the KeePass application. In technical terms, this is called unlocking the password database.

  • Use a master password.
  • Use a key-file.
  • Use a master password and a key-file.

A key-file can be used as add-on protection for your KeePass database.
To open KeePass, you normally only need a master password. This becomes quite vulnerable if you take KeePass with you and use it in an untrusted environment such as an Internet cafe. You never know if those computers have keyloggers or other types of spyware programs running in the dark. No matter how complex your master password is, you expose yourself to the possibility of losing your master password and KeePass database file.
This is where the key-file comes into play. If someone steals your master password and password database, the database is still secure because the attacker also needs to steal your key-file to be able to unlock KeePass.
You normally store your key-file somewhere on your PC or on a removable disk such as a thumb drive. The key-file can be any existing file, or KeePass can create one for you.
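Why a stolen master password is not enough once a key-file is in use, as an added example (not from the original article and not KeePass's own code): a simplified model of a composite key in which the password and the key-file contents are each hashed with SHA-256 and the concatenation is hashed again, following the scheme KeePass 2.x describes. PBKDF2 stands in for KeePass's key transformation, and the word list, key-file bytes, seed and function names are constructed for illustration.

```python
import hashlib
import hmac
from typing import Iterable, Optional

# Constructed sample data, not taken from the article.
WORDLIST = ["letmein", "password1", "sunshine"]
KEYFILE = b"GIF89a" + bytes(range(64))   # stand-in for an image used as key-file
SEED = bytes(16)                         # per-database seed (fixed for repeatability)
ROUNDS = 10_000


def composite_key(password: Optional[str], keyfile: Optional[bytes]) -> bytes:
    """Hash each supplied component to 32 bytes, then hash the concatenation."""
    parts = []
    if password is not None:
        parts.append(hashlib.sha256(password.encode("utf-8")).digest())
    if keyfile is not None:
        parts.append(hashlib.sha256(keyfile).digest())
    if not parts:
        raise ValueError("need a master password, a key-file, or both")
    return hashlib.sha256(b"".join(parts)).digest()


def unlock_key(password: Optional[str], keyfile: Optional[bytes]) -> bytes:
    """Stretch the composite key; PBKDF2 is a stand-in for KeePass's own KDF."""
    return hashlib.pbkdf2_hmac("sha256", composite_key(password, keyfile), SEED, ROUNDS)


def first_word_that_unlocks(target: bytes, words: Iterable[str],
                            keyfile: Optional[bytes] = None) -> Optional[str]:
    """Return the first word list entry that reproduces `target`, or None."""
    for word in words:
        if hmac.compare_digest(unlock_key(word, keyfile), target):
            return word
    return None


if __name__ == "__main__":
    password_only = unlock_key("sunshine", None)
    password_and_keyfile = unlock_key("sunshine", KEYFILE)
    # A weak password on its own is found in the word list.
    print(first_word_that_unlocks(password_only, WORDLIST))
    # Same weak password, but the guesser does not hold the key-file.
    print(first_word_that_unlocks(password_and_keyfile, WORDLIST))
    # The owner, who holds both components, still unlocks.
    print(first_word_that_unlocks(password_and_keyfile, WORDLIST, KEYFILE))
```

The second call returns nothing even though the correct password is in the list, because the key-file's hash is part of the key material.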

My master password is a random string of characters that contains upper and lower case alphanumeric characters as well as other keyboard characters. I save this password in a text file and mix it with other randomly generated text. I also memorize it.

Never lose your master password and your key-file
I want to repeat this and I will repeat it whenever I can. There is no backdoor to KeePass that can be explored to recover your master password and key-file. Security may backfire and cause you more trouble.

How to create key-files and key-disks for KeePass
KeePass allows you to lock your password database by using a master password and/or a key-file. When you create a new password database, KeePass optionally asks you to select a password disk drive (i.e. a key-disk). Therefore, it is important to understand the differences between a key-file and a key-disk as well as how to create them.
The words key, keyfile and key-file are used interchangeably.
Key-disk
A KeePass password database can be locked using a key-disk. A 'key-disk' is just a normal disk which holds a key-file with password bytes. Note that KeePass can generate a key-disk for you.
Key-file
A key-file is a file stored on a key-disk. If you let KeePass generate the key-file for you, the default file name is pwsafe.key, which is placed on the disk you specify when setting the master password and/or key-disk drive. You can also create a key-file manually or select any of your existing files as the key-file. Even an image file can be used as your key-file.
Note: When you just select a disk drive, KeePass assumes that it should load the 'pwsafe.key' file in the root directory of the disk.
If you want, you can also select the key-file (which is stored on the key-disk) manually. One disk can store multiple keys for multiple databases. In this case, you have to tell KeePass which file it should use.

Two ways to create a key-file
You can either create your own key-file or let KeePass create the key-disk and thus the key-file.
Create your own key-file
You can use any existing file as your key-file. No matter what file type it is, KeePass will use it. Follow these steps to create your own key-file.

  • On the File menu, click New Database.
  • The window 'Create a new password database - Enter master key' should now open. In this exercise, we will use both a master password and an existing file as the key-file to create the access to the password database.
    Enter a password into the password field and select the checkbox 'and'. Then click the link 'Save key-file manually...'.
  • Select an existing file as your key-file.
    For this demo, we selected square.gif on a USB flash drive as the key-file. Click Save and you should see the disk drive has been changed to G:\square.gif. Click OK to confirm your selection.
  • You are now prompted 'A key-file already exists on this drive. Do you want to overwrite or reuse it?'. You should click No (if you click Yes, KeePass will help you create the key-file). The KeePass main window now opens and you can enter new password entries.

Let KeePass create the key-disk and thus the key-file
You can also have KeePass create the key-disk for you. This way, KeePass will create a file pwsafe.key on the disk you specify.
  • Select the key-disk drive.
    In this example, USB drive G: is selected as the key-disk to store the key-file. Click OK to continue.
  • Repeat the password.
    Because in this exercise we have used both a master password and a key-file for the password database, you will be asked to repeat the password you entered in the previous step.
  • Get random data for key generation.
    Here KeePass needs your input to generate the key-file. Follow the instructions in the window to get the random data. When done, click OK.
    After you click OK, KeePass opens its main program window. In the background, KeePass should have automatically created a key-file pwsafe.key on the USB drive - G:\pwsafe.key.
    The advantage of using a key-disk is that KeePass can automatically search for the file pwsafe.key on your key-disk the next time you open this password database, because KeePass can remember which password database you used last time. There is no need to specify the actual file name of the key-file.
    The key-disk can also contain key-files of other password databases. To open these other databases, you have to specify the actual key-file name by using the link 'Select key-file manually...'.
On the next page, we'll see how to back up your KeePass database.
Copyright © GeeksEngine.com


How to Hack KeePass Passwords using Hashcat


02 May 2017


Let's talk a little about passwords today. Have we all heard of the infamous LinkedIn password breach back in 2012? Over 117 million encrypted passwords were leaked and put up for sale.

Massive data dumps such as these become treasure troves for research into human behavior in the context of security. The US company Preempt revealed that a staggering 35% of the passwords in the dump could already be found in password dictionaries available prior to the breach. Statistics like these remind us to keep our passwords as strong as possible.

Today we are going to perform a simple attack on a KeePass database file and attempt to break a master password. For those unfamiliar with the software, KeePass is a popular open source password manager. Say you have 50 different passwords for different purposes that you need to remember, how do you go about remembering them all? Some people will write them down in a book. Others may store them in a plain text file - definitely not recommended! A third approach is to use a software application like KeePass. What it does is encrypt all passwords provided to the tool using AES in combination with a master password and optionally a key file. When a user then wishes to recall any particular password they will provide their master password to the tool; in response, the tool will decrypt all passwords in plain text allowing the user to check the entry of their interest.

For the software to verify the validity of the master password provided, it will apply a hashing algorithm to the string given in concatenation with other data. All those who have meddled in the password cracking world know that whenever a hash is available, a brute force or dictionary attack can be launched.

So how can we do this? The first step is to extract the hash out of the KeePass database file. Here is a KeePass database we created with a very simple password that we will use for the course of this tutorial.

There is no need to re-invent the wheel here. A utility called 'keepass2john' is available from the John the Ripper github repository. Let's jump on a Linux box and install it as follows.

Next, copy the KeePass database file to the current directory and run the 'keepass2john' binary on it.

We now have our extracted hash file ready to be cracked. The next step is to download a password cracking utility. The greatest by far is Hashcat available from here. What makes Hashcat the leader of such tools is its massive collection of predefined hashing algorithms and its ability to utilize a computer's GPU to increase cracking speeds by an enormous degree.

As of Hashcat version 3.0 the software supports KeePass without any custom algorithms needing to be defined. We can run a quick grep command to learn the switch value of 13400 needed for our invocation of the binary.


Next, we need to make an edit to our hash file. The hashcat binary does not expect the name of our KeePass database to be prepended to our hash, so we will have to trim the string with a text editor; after doing so our hash file will look as follows.

We may now launch our attack. We used a password dictionary we picked arbitrarily called 'cracklib-words' available from here.


Our machine proceeded to crack the master password in 12 minutes with the following results.
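How long a word list run takes depends on the key-transformation round count stored in the database header, which the database owner controls. As an added example (not from the original post), the following reads that count from a KDBX 3.x header so you can audit your own database; it assumes the KDBX 3.x layout of an 8-byte signature, a 4-byte version and id/length/value fields with id 6 holding the rounds, and the sample header and the rate of 1e9 rounds per second are constructed.

```python
import struct

KDBX_SIGNATURE = bytes.fromhex("03d9a29a67fb4bb5")  # magic bytes of KeePass 2.x files
FIELD_END, FIELD_TRANSFORM_ROUNDS = 0, 6


def kdbx3_transform_rounds(blob: bytes) -> int:
    """Return the AES-KDF round count stored in a KDBX 3.x header."""
    if len(blob) < 12 or blob[:8] != KDBX_SIGNATURE:
        raise ValueError("not a KeePass 2.x (KDBX) database")
    _minor, major = struct.unpack_from("<HH", blob, 8)
    if major != 3:
        raise ValueError(f"KDBX major version {major} is not handled here")
    pos = 12
    while pos + 3 <= len(blob):
        field_id, length = struct.unpack_from("<BH", blob, pos)
        value = blob[pos + 3:pos + 3 + length]
        if len(value) != length:
            raise ValueError("truncated header field")
        if field_id == FIELD_TRANSFORM_ROUNDS and length == 8:
            return struct.unpack("<Q", value)[0]
        if field_id == FIELD_END:
            break
        pos += 3 + length
    raise ValueError("no transform-rounds field found")


def seconds_to_try(words: int, rounds: int, rounds_per_second: float) -> float:
    """Time to run every word through the KDF at an assumed hardware rate."""
    return words * rounds / rounds_per_second


def _field(field_id: int, data: bytes) -> bytes:
    return struct.pack("<BH", field_id, len(data)) + data


# Constructed sample header (zeroed seeds), not a real database.
SAMPLE_HEADER = (
    KDBX_SIGNATURE + struct.pack("<HH", 1, 3)
    + _field(4, bytes(32))                    # master seed
    + _field(5, bytes(32))                    # transform seed
    + _field(6, struct.pack("<Q", 6000))      # transform rounds
    + _field(0, b"\r\n\r\n")                  # end of header
)

if __name__ == "__main__":
    rounds = kdbx3_transform_rounds(SAMPLE_HEADER)
    # 1e9 rounds/s is an assumed figure, chosen only to compare settings.
    for r in (rounds, 100 * rounds):
        print(r, "rounds:", seconds_to_try(1_000_000, r, 1e9), "s per million words")
```

Raising the round count multiplies the cost of every guess by the same factor, for the owner's single unlock and for each word in a dictionary run alike.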

So what was the password you may ask? Sorry, if you want to know that you are going to have to crack it yourself :) Thanks for reading.

Always,

Ruby Devices




Ruby Devices do not in any way condone the practice of illegal activities in relation to hacking. All teachings with regards to malware and other exploits are discussed for educational purposes only and are not written with the intention of malicious application.