KeePassDX
We need a password manager. These days I use KeePassDX on my phone and KeePassXC on my computers. The point of a password manager is not only to give you a truly easy way to have strong passphrases. It is also to allow you to make strong passphrases. I always make my passphrases within KeePass, so that know they are strong. (If you are looking for the Desktop Version)
Create a Vault
• Open KeePassDX.
• Click on “Create new vault”.
• Name it and click on save.
• Create a password that you can remember for unlocking.
• Confirm your password and add a hardware key if you have one.
• Click on the plus at the bottom right corner.
• Click on “Add entry”.
• In “Title” write TutaMail.
• In “Username” write your Tuta username or email that you use to login.
• In “Password” write your Tuta passphrase.
• In the “URL” write “https://app.tuta.com/“.
• Set it to never expire.
• Add notes if you like.
Settings
• Click on the three dashes in the upper left corner and click “Settings”.
• Go to “App settings”.
• Disable “Allow no master key”.
• Enable “Delete Password”.
• Disable “Write -protected”.
• Enable “Autosave database”.
• Enable “Keep screen on”.
• Disable “Screenshot mode”.
• Disable both search options.
• Click on “Timeout” and set it to 5 minutes or less.
• Enable “Screen lock”.
• Enable “Press ‘Back’ to lock” (Optional).
• Enable “Show lock button”
• Enable “Remember database locations”.
• Disable “Remember keyfile locations”.
• Disable “Remember hardware keys”.
• Enable “Show recent files”.
• Enable “Hide broken database links”.
• Go back.
Autofill Off
• Go to “Form filling” and disable all Autofill also after clicking “Autofill settings”.
• For the Clipboard options I have all enables, with that said, it isn’t 100% required but good practice.
• As for the keyboards, don’t change anything as we will not be using magikeyboard
The Paradox
Here is a paradox for you. You can go to Settings > Devce unlocking and enable biometrics but should you? The answer isn’t clear cut especially with a product like KeePassDX and I wont pretend it is.
PROS:
1. When you use biometrics, people wont get your password in any way.
2. Additionally camera’s can’t pick up your database password. After all you wont be entering it.
3. Convenient.
CONS:
• People can also force a finger, but they can’t force a mind.
• Governments can also force your finger.
But all in all It really depends if you are under physical threat or live in a scummy part of the city. If you are safe and not under physical threat then you can take this risk. If you are in a dangerous area, I would very much disencourage it. As a rule, I use as little biometrics as possible.
I’d recommend not using biometrics on KeePassDX. If you decide to follow my advice then do the following:
• In Settings, click on “Device unlocking” and disable ALL.
• Go back.
You could also use it in daily life and the disable it at critical places like airports.
Appearance
KeePassDX has appearance settings too, it can be customized really good. I will be skipping those because its a very individual thing. But you should look at it since it can make the app better to use when it looks how you want it.
Reasons To Understand Why
The reason we disable remember location for keyfile is because anyone could use your keyfile then, not everyone can use your password manager database if you didn’t get them the passphrase so we can remember the file’s location but not the keyfile.
Why do we disable autofill? Isn’t it pretty neat and convinient? Isn’t autofill safe? No… Someone grabs your phone out of your hand while its unlocked and you are fucked. And that’s an understatement. If you have autofill you might as well write your password on a piece of paper and glue it to your phone.
Now your KeePassDX is setup with secure settings.
KeePassDX
We need a password manager. These days I use KeePassDX on my phone and KeePassXC on my computers. The point of a password manager is not only to give you a truly easy way to have strong passphrases. It is also to allow you to make strong passphrases. I always make my passphrases within KeePass, so that know they are strong. (If you are looking for the Desktop Version)
Create a Vault
• Open KeePassDX.
• Click on “Create new vault”.
• Name it and click on save.
• Create a password that you can remember for unlocking.
• Confirm your password and add a hardware key if you have one.
• Click on the plus at the bottom right corner.
• Click on “Add entry”.
• In “Title” write TutaMail.
• In “Username” write your Tuta username or email that you use to login.
• In “Password” write your Tuta passphrase.
• In the “URL” write “https://app.tuta.com/“.
• Set it to never expire.
• Add notes if you like.
Settings
• Click on the three dashes in the upper left corner and click “Settings”.
• Go to “App settings”.
• Disable “Allow no master key”.
• Enable “Delete Password”.
• Disable “Write -protected”.
• Enable “Autosave database”.
• Enable “Keep screen on”.
• Disable “Screenshot mode”.
• Disable both search options.
• Click on “Timeout” and set it to 5 minutes or less.
• Enable “Screen lock”.
• Enable “Press ‘Back’ to lock” (Optional).
• Enable “Show lock button”
• Enable “Remember database locations”.
• Disable “Remember keyfile locations”.
• Disable “Remember hardware keys”.
• Enable “Show recent files”.
• Enable “Hide broken database links”.
• Go back.
Autofill Off
• Go to “Form filling” and disable all Autofill also after clicking “Autofill settings”.
• For the Clipboard options I have all enables, with that said, it isn’t 100% required but good practice.
• As for the keyboards, don’t change anything as we will not be using magikeyboard
The Paradox
Here is a paradox for you. You can go to Settings > Devce unlocking and enable biometrics but should you? The answer isn’t clear cut especially with a product like KeePassDX and I wont pretend it is.
PROS:
1. When you use biometrics, people wont get your password in any way.
2. Additionally camera’s can’t pick up your database password. After all you wont be entering it.
3. Convenient.
CONS:
• People can also force a finger, but they can’t force a mind.
• Governments can also force your finger.
But all in all It really depends if you are under physical threat or live in a scummy part of the city. If you are safe and not under physical threat then you can take this risk. If you are in a dangerous area, I would very much disencourage it. As a rule, I use as little biometrics as possible.
I’d recommend not using biometrics on KeePassDX. If you decide to follow my advice then do the following:
• In Settings, click on “Device unlocking” and disable ALL.
• Go back.
You could also use it in daily life and the disable it at critical places like airports.
Appearance
KeePassDX has appearance settings too, it can be customized really good. I will be skipping those because its a very individual thing. But you should look at it since it can make the app better to use when it looks how you want it.
Reasons To Understand Why
The reason we disable remember location for keyfile is because anyone could use your keyfile then, not everyone can use your password manager database if you didn’t get them the passphrase so we can remember the file’s location but not the keyfile.
Why do we disable autofill? Isn’t it pretty neat and convinient? Isn’t autofill safe? No… Someone grabs your phone out of your hand while its unlocked and you are fucked. And that’s an understatement. If you have autofill you might as well write your password on a piece of paper and glue it to your phone.
Now your KeePassDX is setup with secure settings.