Dev/Password Manager

From Kicksecure
< Dev
Jump to navigation Jump to search

Password Manager Comparison Table[edit]

The following table compares the features and status of three password managers that were suggested to be included in Kicksecure ™. Data was acquired in March, 2014.

TODO: add keepassxc

KeePassXC KeePassX Figaro's Password Manager 2
Homepage https://keepassxc.org https://www.keepassx.org/ http://als.regnet.cz/fpm2/
Debian package http://packages.qa.debian.org/keepassxc http://packages.qa.debian.org/keepassx http://packages.qa.debian.org/fpm2
Latest version 2.7.1 [1] 2.0 Alpha 5 [2] 0.79 [3]
Debian version (stable / testing) 2.6.2 / 2.6.6 [4] 0.4.3 [5] 0.79 [6]
Used in other security-focused distributions No [7] Tails [8] Liberte Linux [9]
Libraries Qt5 Qt 4.3 [10] GTK2 [11]
Popularity contest statistics (rounded) 5584 [12] 4300 [13] 250 [14]
Download archive size (rounded) 7400 kB [15] 1150 kB [16] 150 kB [17]
Additional disk space needed (rounded) kB [18] 3150 kB [19] 550 kB [20]
Size installed (rounded) 4907 k [21] 3100 k [22] 500 k [23]
Block ciphers AES et.al. [24] AES or Twofish [25] AES [26]
Key size 256 bits 256 bits [27] 256 bits [28]
Hashing SHA-256+ SHA-256 [29] SHA-256 [30]
Key file support Yes Yes [31] Yes [32]
Password generator Yes Yes [33] Yes [34]
Various 0.4.3 is no longer maintained [35] No longer in Debian stretch.

Discussion[edit]

These are update notes on the password manager choices covered as of 2016:

Candidates:


Excluded options:

  • KeePass 2 (keepass.info) use not recommended because of their hostile stance against user security. [36]
  • fpm2 was removed from Debian because its upstream development is dead.[37]

Forum Topic[edit]

https://forums.whonix.org/t/done-add-password-manager-by-default/189

Status[edit]

fpm2 is installed by default.

Footnotes[edit]

Many thanks to Tails team for their discussion on the topic of password managers. [38]

  1. https://keepassxc.org/blog
  2. https://www.keepassx.org/news/
  3. http://als.regnet.cz/fpm2/changelog
  4. http://packages.qa.debian.org/keepassxc
  5. http://packages.qa.debian.org/keepassx
  6. http://packages.qa.debian.org/fpm2
  7. To the best knowledge of the author
  8. https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/index.en.html
  9. http://dee.su/liberte
  10. https://www.keepassx.org/requirements/
  11. http://als.regnet.cz/fpm2/
  12. http://qa.debian.org/popcon.php?package=keepassxc
  13. http://qa.debian.org/popcon.php?package=keepassx
  14. http://qa.debian.org/popcon.php?package=fpm2
  15. apt install keepass2
  16. apt install keepassx
  17. apt install fpm2
  18. apt install keepassxc
  19. apt install keepassx
  20. apt install fpm2
  21. apt-cache show keepassxc
  22. apt-cache show keepassx
  23. apt-cache show fpm2
  24. http://keepassxc.org/docs
  25. https://www.keepassx.org/features/
  26. http://als.regnet.cz/fpm2/about
  27. https://www.keepassx.org/features/
  28. http://als.regnet.cz/fpm2/about
  29. https://www.keepassx.org/features/
  30. http://als.regnet.cz/fpm2/about
  31. https://www.keepassx.org/features/
  32. http://als.regnet.cz/fpm2/about
  33. https://www.keepassx.org/features/
  34. http://als.regnet.cz/fpm2/about
  35. https://www.keepassx.org/bug-reports/
  36. KeePass 2's reaction to a MITM bug report against its Update Check: 8.2.2016 @ 15:45: Received response from Dominik Reichl: The vulnerability will not be fixed. The indirect costs of switching to HTTPS (like lost advertisement revenue) make it a inviable solution.
  37. https://forums.whonix.org/t/add-password-manager-by-default/189/21
  38. https://labs.riseup.net/code/issues/5745


Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.