A couple of weeks ago, LastPass changed hands, again. Some of my friends ditched it and moved on to BitWarden as a consequence.
While I see the advantages of using cloud-based services to store passwords, especially when it comes to comfort, I do find the use of such service to risky. What if their services get hacked or someone finds a bug in the service’s extensions or apps that can be exploited?
Anyway, I managed to convince a friend to switch over to KeePass. His requirements were quite simple: cross-platform sync, a mobile app and auto-fill on desktop. It’s easy, just place the KeePass database in your cloud storage service’s folder (for e.g. Dropbox, OneDrive, GoogleDrive, or, if you want full control, a self-hosted solution) and you have cross-platform sync. It’s safe because the database is encrypted.
My go-to choice for a mobile app is Keepass2Android Password Safe for Android (supports Quick unlock, fingerprint unlock, syncs to your cloud service), and KeePassium or Strongbox for iOS. While auto-type is natively supported in the KeePass desktop application, auto-fill isn’t.
You’ll need to use a browser extension for that. I used to recommend Tusk, but it is no longer maintained. The Kee add-on by Chris Tomlinson does a fine job. Kee was formerly known as KeeFox, and some of you maybe familiar with it.
You’ll need two things to get it working
- The Kee extension for Firefox and Chrome. You’ll also need the KeePass desktop application to be running in the background.
- The KeePassRPC plugin (from the same developer) which allows the add-on to communicate with the browser.
Install the extension from the Firefox add-on repository or the Chrome web-store. A new button will be added to the toolbar and it is in the “OFF” state after installation.
Navigate to the KeePass desktop application’s plugins folder (normally C:KeePassPlugins) and place the KeePassRPC plugin file named KeePassRPC.plgx inside the directory. Restart KeePass if it was already open, and it should load the plugin.
A new tab opens in the browser and you should see a window pop-up (in KeePass) asking you to “authorise a new connection”. A code is displayed in the pop-up that you should enter in the box in the browser tab to authenticate the add-on to access the passwords from the desktop client.
The welcome screen of the plugin asks you to choose whether you want to create a new database, or use the existing one. Select the latter and login to your database as usual. That’s it: you’ve setup Kee and KeePass to work together.
The Kee add-on’s button is now usable. Does this work with KeePass portable? It does, that’s what I use it with.
Bad puns aside, let’s take a look at what the extension is capable of. Auto-fill is of course the main feature of the extension. If you’re on a webpage that has the same URL as an entry in your database, the username and password fields should be automatically filled by the add-on.
It works on most websites, but in case it doesn’t, left click on the add-on’s button and select “matched login entries”. You can also use the browser’s right-click context menu to do the same.
You can use the addon’s pop-out menu for searching your database. This is the other option to use if autofill didn’t work. You can type the website’s name (for e.g. “ghacks”) and the extension will list the relevant results to choose from.
Click on an entry (after searching) and it will take you to the corresponding URL. If you click on the hamburger menu icon next to an entry, it gives you three options: Edit, Copy Password and Copy Username. The password isn’t edited by Kee, it is done in KeePass.
Kee can be used to save new entries when you login to websites (or generate a new one), but you’ll need to manually click the add-on’s button and select “Save login”. You can choose to save the information in a new entry or update an existing one. The add-on can also be used for generating secure passwords and you can choose from Hex key 40/128/256 bit, or random MAC address. Once generated, it is saved to the clipboard and you can paste it in a password field, and use the save password option to store the new login.
Kee does not send your data to any server. The extension and the plugin are open source.
Note: You may come across “Kee Vault” in the add-on’s menu, that is a premium password manager made by the same developer. It is completely optional, and hence not required for Kee to function.
Kee is an open source add-on, and so is the KeePassRPC plugin. You can find them listed on the plugins page on KeePass’ official website. KeeForm is a good alternative, but requires installing its desktop application in addition to the extension.