I have two question pertaining bi-directinal syncing of KeePass data from a) laptop to Android phone and b) Android phone to laptop. First, to put things into context, please allow me to provide first some background.
Background: I have been using SafeWallet (developed by SBSH) for several years. The syncing process between my laptop and my old BlackBerry phone was really simple. That is, I was able to sync both MS-Outlook (calendars, contacts) and the SafeWallet data via a single mouse-click (i.e., via BlackBerry's Desktop Manager).
New situation/challenge: I have now upgraded from the BlackBerry to a Samsung Galaxy S7. While I have figured out how to automatically sync MS-Outlook data, I have been unsuccessful to do the same with SafeWallet on my recently purchased Android/Galaxy phone. I contacted SBSH but, apparrently, they went out of business. Thus I have been investigating new options (e.g., KeePass) for storing/syncing passwords between laptop and phone.
My questions to you:
1) Once I download KeePass to my laptop, how can I install the same on my Android phone?
2) Once installed (I hope KeePass has a mobile version), can I automatically sync all my data preferably via a Wi-Fi connection (or even USB cable if necessary)? If so, how?
Any advice is greatly appreciated! Thank you for your help in advance.
Cheers,
Tom
Last edit: ThomasBock 2016-07-06
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Android devices generally do not mount as mass storage devices via usb on Windows. Instead they use MTP or PTP which is very limited, and intended for transferring pictures and media (music) etc. to designated locations on the android device. While it may be possible to mount your device as mass storage, it is beyond the scope of this forum.
On Android, use a cloud storage service e.g. DropBox or OneDrive with a file compatible third-party port of KeePass that has built-in support for cloud storage and KeePass synchronization. KeePass2Android is one such program.
On the Windows, use KeePass and save your working database in a local directory outside of cloud storage with a synchronization only copy in your local cloud storage directory. Regularly synchronize the working copy with the synchronization only cloud copy using KeePass synchronization (File>Synchronize...>Synchronize with file). There is an example synchronization trigger, and synchronization plugins that will help you automate this task.
If you are concerned about keeping your database in cloud storage, e.g. because your Master Key (master password) may not be adequate, you can add a key file to your Master Key. Place the key file on the the devices where you need to open the database (e.g. phone and PC) but off the cloud storage.
Last edit: wellread1 2016-07-07
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thank you for the feedback... the syncing process appears to be very tricky and complicated (particular with the need to adding key files for the master key file). I know this is open software but it sounds that the syncing process between Android and computer (laptop) is very convoluted with KeePass.
Thank you.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
The key file was just a suggestion. If you're comfortable without it, don't use one.
Also you can make things simpler with a plugin.
Instead of manually syncing (or using a trigger to sync) with a dropbox/google drive/onedrive file on your PC, you can install one of the many "Backup & Synchronization & IO" KeePass plugins. Looking at the list today, it appears you can find a plugin to support Google Drive, Dropbox, Amazon S3, OneDrive, DigitalBucket, and possibly more.
After you have installed the correct plugin, your procedure becomes:
Use KeePass2Android on your device to open a file "from the cloud"
Configure the plugin on your PC to sync to the cloud when you save (I use KPGoogleSync for this).
Edit and save your database on either device as needed, and it will automatically sync whenever you open or save a database
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Thank you chiming in and providing additional detail on the process... I appreciate it.
Ok, I've been reading some fundamentals wrt "storing data locally" and "syncing via cloud". I am not entirely certain if I fully understanding the intracacies of syncing via the cloud. That is, preferably, I would like to keep my personal data (e.g., user login criteria) on a local machine (that is on laptop and/or Android). Thus, when you mentioned syncing via the cloud, will the data files also be stored on the cloud (or is the clould only a medium to facilitate the synching process)?
Thank you in advance for claryfing the "cloudy" topic?
Cheers.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
KeePass really only knows about files, which it can access with various protocols. If I understand correctly, the cloud plugins I listed mostly work by downloading a local copy, syncing with it, and uploading it again. Then your other devices will likewise download a local copy of the updated database and sync with it to get the changes. So if you choose to sync via cloud, you will have a full copy of your database on the cloud.
HOWEVER, that full copy of your database will be strongly encrypted and very difficult to steal information from without the master key. You can make this much stronger in a few ways, but any of these will make the process more complicated. None of these are strictly necessary to sync, but they can improve your security in case someone manages to steal your database file from your cloud storage provider.
First and most obviously, you should use a very strong master password. I recommend using Diceware or a plugin like Word Sequencer to generate a randomized passphrase.
Secondly, you should increase the number of "key transformation rounds" used to encrypt your database. This increases the time any attacker will need to spend trying each password attempt. The default value is 6000, which will not slow down an attacker very much unless your master password is very strong. Go to File->Database Settings and click the Security tab. There you can set it up with one click so it takes a full second (on a system identical to your own) to try any password against your database.
Finally, you were already pointed to the idea of using a key filein addition to your master password. If you create a key file, you can copy it to every device you plan to use KeePass from. This is analogous to a "trusted device" feature; any device posessing the key file becomes a "trusted device". So naturally you should avoid putting your key file in cloud storage. But you must be careful to have a backup of this key file, because you won't be able to open your database without it!
I think any password manager you find that offers built-in "cloud" sync features will pretty much always store some copy of your database. I doubt you can get around that. Luckily KeePass offers the ability to sync with locally accessible files as well, but it will not be as convenient or easy as cloud sync. You can keep a "sync file" on a USB stick or something to transfer between computers. Or use your home network to copy it back and forth. Then you can sync changes using the File->Synchronize menu. Syncing to your mobile device probably depends on your device; if you can mount it in mass storage mode you should be able to sync using your PC's KeePass as above, otherwise you may need to just transfer the file to your PC, sync with it, and transfer it back. As I said, this is more complicated, you're trading convenience for the small amount of security you'll gain from avoiding cloud storage.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hello Experts:
I have two question pertaining bi-directinal syncing of KeePass data from a) laptop to Android phone and b) Android phone to laptop. First, to put things into context, please allow me to provide first some background.
Background: I have been using SafeWallet (developed by SBSH) for several years. The syncing process between my laptop and my old BlackBerry phone was really simple. That is, I was able to sync both MS-Outlook (calendars, contacts) and the SafeWallet data via a single mouse-click (i.e., via BlackBerry's Desktop Manager).
New situation/challenge: I have now upgraded from the BlackBerry to a Samsung Galaxy S7. While I have figured out how to automatically sync MS-Outlook data, I have been unsuccessful to do the same with SafeWallet on my recently purchased Android/Galaxy phone. I contacted SBSH but, apparrently, they went out of business. Thus I have been investigating new options (e.g., KeePass) for storing/syncing passwords between laptop and phone.
My questions to you:
1) Once I download KeePass to my laptop, how can I install the same on my Android phone?
2) Once installed (I hope KeePass has a mobile version), can I automatically sync all my data preferably via a Wi-Fi connection (or even USB cable if necessary)? If so, how?
Any advice is greatly appreciated! Thank you for your help in advance.
Cheers,
Tom
Last edit: ThomasBock 2016-07-06
Android devices generally do not mount as mass storage devices via usb on Windows. Instead they use MTP or PTP which is very limited, and intended for transferring pictures and media (music) etc. to designated locations on the android device. While it may be possible to mount your device as mass storage, it is beyond the scope of this forum.
On Android, use a cloud storage service e.g. DropBox or OneDrive with a file compatible third-party port of KeePass that has built-in support for cloud storage and KeePass synchronization. KeePass2Android is one such program.
On the Windows, use KeePass and save your working database in a local directory outside of cloud storage with a synchronization only copy in your local cloud storage directory. Regularly synchronize the working copy with the synchronization only cloud copy using KeePass synchronization (File>Synchronize...>Synchronize with file). There is an example synchronization trigger, and synchronization plugins that will help you automate this task.
If you are concerned about keeping your database in cloud storage, e.g. because your Master Key (master password) may not be adequate, you can add a key file to your Master Key. Place the key file on the the devices where you need to open the database (e.g. phone and PC) but off the cloud storage.
Last edit: wellread1 2016-07-07
Use KeePass 2.x. KeePass 1.x is not suitable for this purpose.
I use KeePass2Android and find it very good.
cheers, Paul
Wellread1:
Thank you for the feedback... the syncing process appears to be very tricky and complicated (particular with the need to adding key files for the master key file). I know this is open software but it sounds that the syncing process between Android and computer (laptop) is very convoluted with KeePass.
Thank you.
The key file was just a suggestion. If you're comfortable without it, don't use one.
Also you can make things simpler with a plugin.
Instead of manually syncing (or using a trigger to sync) with a dropbox/google drive/onedrive file on your PC, you can install one of the many "Backup & Synchronization & IO" KeePass plugins. Looking at the list today, it appears you can find a plugin to support Google Drive, Dropbox, Amazon S3, OneDrive, DigitalBucket, and possibly more.
After you have installed the correct plugin, your procedure becomes:
fritzophrenic:
Thank you chiming in and providing additional detail on the process... I appreciate it.
Ok, I've been reading some fundamentals wrt "storing data locally" and "syncing via cloud". I am not entirely certain if I fully understanding the intracacies of syncing via the cloud. That is, preferably, I would like to keep my personal data (e.g., user login criteria) on a local machine (that is on laptop and/or Android). Thus, when you mentioned syncing via the cloud, will the data files also be stored on the cloud (or is the clould only a medium to facilitate the synching process)?
Thank you in advance for claryfing the "cloudy" topic?
Cheers.
KeePass really only knows about files, which it can access with various protocols. If I understand correctly, the cloud plugins I listed mostly work by downloading a local copy, syncing with it, and uploading it again. Then your other devices will likewise download a local copy of the updated database and sync with it to get the changes. So if you choose to sync via cloud, you will have a full copy of your database on the cloud.
HOWEVER, that full copy of your database will be strongly encrypted and very difficult to steal information from without the master key. You can make this much stronger in a few ways, but any of these will make the process more complicated. None of these are strictly necessary to sync, but they can improve your security in case someone manages to steal your database file from your cloud storage provider.
First and most obviously, you should use a very strong master password. I recommend using Diceware or a plugin like Word Sequencer to generate a randomized passphrase.
Secondly, you should increase the number of "key transformation rounds" used to encrypt your database. This increases the time any attacker will need to spend trying each password attempt. The default value is 6000, which will not slow down an attacker very much unless your master password is very strong. Go to File->Database Settings and click the Security tab. There you can set it up with one click so it takes a full second (on a system identical to your own) to try any password against your database.
Finally, you were already pointed to the idea of using a key file in addition to your master password. If you create a key file, you can copy it to every device you plan to use KeePass from. This is analogous to a "trusted device" feature; any device posessing the key file becomes a "trusted device". So naturally you should avoid putting your key file in cloud storage. But you must be careful to have a backup of this key file, because you won't be able to open your database without it!
I think any password manager you find that offers built-in "cloud" sync features will pretty much always store some copy of your database. I doubt you can get around that. Luckily KeePass offers the ability to sync with locally accessible files as well, but it will not be as convenient or easy as cloud sync. You can keep a "sync file" on a USB stick or something to transfer between computers. Or use your home network to copy it back and forth. Then you can sync changes using the File->Synchronize menu. Syncing to your mobile device probably depends on your device; if you can mount it in mass storage mode you should be able to sync using your PC's KeePass as above, otherwise you may need to just transfer the file to your PC, sync with it, and transfer it back. As I said, this is more complicated, you're trading convenience for the small amount of security you'll gain from avoiding cloud storage.
You could use an encrypted cloud storage if you want even more security.TeamDrive is free for personal use.
https://www.teamdrive.com/en/features-overview/
cheers, Paul