Actions

Dev/Password Manager

From Whonix

< Dev

Password Manager Comparison Table[edit]

The following table compares the features and status of three password managers that were suggested to be included in Whonix ™. Data was acquired in March, 2014.

TODO: add keepassxc

KeePass KeePassX Figaro's Password Manager 2
Homepage http://keepass.info https://www.keepassx.org/ http://als.regnet.cz/fpm2/
Debian package http://packages.qa.debian.org/keepass2 http://packages.qa.debian.org/keepassx http://packages.qa.debian.org/fpm2
Latest version 2.25 [1] 2.0 Alpha 5 [2] 0.79 [3]
Debian version (stable / testing) 2.19 / 2.25 [4] 0.4.3 [5] 0.79 [6]
Used in other security-focused distributions No [7] Tails [8] Liberte Linux [9]
Libraries Mono 2.6 [10] Qt 4.3 [11] GTK2 [12]
Popularity contest statistics (rounded) 1750 [13] 4300 [14] 250 [15]
Download archive size (rounded) 7400 kB [16] 1150 kB [17] 150 kB [18]
Additional disk space needed (rounded) 22100 kB [19] 3150 kB [20] 550 kB [21]
Size installed (rounded) 2150 k [22] 3100 k [23] 500 k [24]
Block ciphers AES [25] AES or Twofish [26] AES [27]
Key size 256 bits [28] 256 bits [29] 256 bits [30]
Hashing SHA-256 [31] SHA-256 [32] SHA-256 [33]
Key file support Yes [34] Yes [35] Yes [36]
Password generator Yes [37] Yes [38] Yes [39]
Various 0.4.3 is no longer maintained [40] No longer in Debian stretch.

Discussion[edit]

These are update notes on the password manager choices covered as of 2016:

Candidates:


Excluded options:

  • KeePass 2 use not recommended because of their hostile stance against user security. [41]
  • fpm2 was removed from Debian because its upstream development is dead.[42]

Forum Topic[edit]

https://forums.whonix.org/t/done-add-password-manager-by-default/189

Status[edit]

fpm2 is installed by default.

Footnotes[edit]

Many thanks to Tails team for their discussion on the topic of password managers. [43]

  1. http://keepass.info/news/news_all.html
  2. https://www.keepassx.org/news/
  3. http://als.regnet.cz/fpm2/changelog
  4. http://packages.qa.debian.org/keepass2
  5. http://packages.qa.debian.org/keepassx
  6. http://packages.qa.debian.org/fpm2
  7. To the best knowledge of the author
  8. https://tails.boum.org/doc/encryption_and_privacy/manage_passwords/index.en.html
  9. http://dee.su/liberte
  10. http://keepass.info/help/v2/setup.html#mono
  11. https://www.keepassx.org/requirements/
  12. http://als.regnet.cz/fpm2/
  13. http://qa.debian.org/popcon.php?package=keepass2
  14. http://qa.debian.org/popcon.php?package=keepassx
  15. http://qa.debian.org/popcon.php?package=fpm2
  16. apt-get install keepass2
  17. apt-get install keepassx
  18. apt-get install fpm2
  19. apt-get install keepass2
  20. apt-get install keepassx
  21. apt-get install fpm2
  22. apt-cache show keepass2
  23. apt-cache show keepassx
  24. apt-cache show fpm2
  25. http://keepass.info/features.html
  26. https://www.keepassx.org/features/
  27. http://als.regnet.cz/fpm2/about
  28. http://keepass.info/features.html
  29. https://www.keepassx.org/features/
  30. http://als.regnet.cz/fpm2/about
  31. http://keepass.info/features.html
  32. https://www.keepassx.org/features/
  33. http://als.regnet.cz/fpm2/about
  34. http://keepass.info/features.html
  35. https://www.keepassx.org/features/
  36. http://als.regnet.cz/fpm2/about
  37. http://keepass.info/features.html
  38. https://www.keepassx.org/features/
  39. http://als.regnet.cz/fpm2/about
  40. https://www.keepassx.org/bug-reports/
  41. KeePass 2's reaction to a MITM bug report against its Update Check: 8.2.2016 @ 15:45: Received response from Dominik Reichl: The vulnerability will not be fixed. The indirect costs of switching to HTTPS (like lost advertisement revenue) make it a inviable solution.
  42. https://forums.whonix.org/t/add-password-manager-by-default/189/21
  43. https://labs.riseup.net/code/issues/5745

No user support in comments. See Support. Comments will be deleted after some time. Specifically after comments have been addressed in form of wiki enhancements. See Wiki Comments Policy.


Add your comment
Whonix welcomes all comments. If you do not want to be anonymous, register or log in. It is free.


Random News:

Please consider a recurring donation!


https | (forcing) onion

Follow: Twitter | Facebook | gab.ai | Stay Tuned | Whonix News

Share: Twitter | Facebook

This is a wiki. Want to improve this page? Help is welcome and volunteer contributions are happily considered! Read, understand and agree to Conditions for Contributions to Whonix ™, then Edit! Edits are held for moderation.

Copyright (C) 2012 - 2019 ENCRYPTED SUPPORT LP. Whonix ™ is a trademark. Whonix ™ is a licensee of the Open Invention Network. Unless otherwise noted, the content of this page is copyrighted and licensed under the same Freedom Software license as Whonix ™ itself. (Why?)

Whonix ™ is a derivative of and not affiliated with Debian. Debian is a registered trademark owned by Software in the Public Interest, Inc.

Whonix ™ is produced independently from the Tor® anonymity software and carries no guarantee from The Tor Project about quality, suitability or anything else.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent. Whonix ™ is provided by ENCRYPTED SUPPORT LP. See Imprint.