globe showing Americas Diese Seite auf Deutsch anzeigen

Keepass is a free open-source software that does not store the encrypted password file directly in the cloud. The file can be stored locally on the computer or e.g. on the own Polybox (ETH-Cloud on-premises). Thus, it can be synchronized between different devices and is available there at the same time. Keepass supports various platforms such as Windows, Mac, Linux, Android and iPhone and has a high encryption standard.

Features

Keepass is one of the few password managers that supports all of the following criteria:

  • Not a cloud product, as according to ETH security requirements no sensitive data may be stored in the cloud.
  • Simultaneous use of a DB on different devices
  • Database can be stored location-independent e.g. ETH-Polybox
  • Clients for Windows, Mac, Linux, Android and iOS (iPhone)
  • High encryption standard                
  • Low costs
  • Product longevity                
  • Easy handling of the backup
  • Auto-type function

                                    

Licensing / Costs

Keepass can be used free of charge and is open source OSI certified.

Installation

light bulbInstallation on ETH devices

For installation on ETH service devices, contact your responsible ISG. IT Support


WindowsKeepass XC


MacOS: Keepass XC


Linux: Keepass XC


AndroidKeepass2Android

When using multiple devices and the location of the database in the polybox, the database is preferably included "via Owncloud" with the following information:
- Enter path: polybox.ethz.ch 
- Username: ETH username
- Password: XXX
Then go to the folder with the password file and select File. 


iOSStrongbox

When using multiple devices and storing the database in the polybox, the database is preferably set up "via webdav" as follows:
Customize path:
https://polybox.ethz.ch/remote.php/dav/files/ETH-Username/XXX/XXXX.kdbx
Username: ETH username
Password: XXX

Usage

The following Youtube tutorials are recommended:

Basic Tutorial Keepass XC

Tutorial Keepass XC

Masterpasswort

Passwords should contain at least 12 characters. Use at least 3 different types of characters: Upper case letters (A-Z) Lower case letters (a-z) and numbers. (siehe ETH password recommendation )


Browser Plugins

Keepass can also insert passwords without extensions using the "auto type" function. If this is not enough, a browser plugin can be installed, which additionally simplifies the input of passwords. More info about plugins can be found on the manufacturer's website: KeePassXC: Getting Started Guide

Updates

It is recommended to activate the option "check for update at startup" and to update the software regularly.

Backup

The database file with the extension *.kdbx should additionally be backed up periodically to an ETH internal storage (home directory, NAS share, file server), which is integrated into the backup infrastructure.

Restore

From time to time it should be checked whether the saved database file can also be opened.