blog-contributions/opsec/passwordmanagement/index.html

162 lines
6.6 KiB
HTML
Raw Normal View History

2024-07-25 12:23:36 +02:00
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<link rel="shortcut icon" href="../../../../../../assets/img/favicon.png">
<title>Password Management 101 (How to use Keepass)</title>
<!-- Bootstrap core CSS -->
<link href="../../assets/css/bootstrap.css" rel="stylesheet">
<link href="../../assets/css/xt256.css" rel="stylesheet">
<!-- Custom styles for this template -->
<link href="../../assets/css/main.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
</head>
<body>
<!-- Static navbar -->
<div class="navbar navbar-inverse-anon navbar-static-top">
<div class="container">
<div class="navbar-header">
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand-anon" href="\index.html">nihilist`s Blog</a>
</div>
<div class="navbar-collapse collapse">
<ul class="nav navbar-nav navbar-right">
<li><a href="/about.html">About</a></li>
<li><a href="/blog.html">Categories</a></li>
2024-08-12 23:22:38 +02:00
<li><a href="https://blog.nowhere.moe/donate.html">Donate</a></li>
2024-07-25 12:23:36 +02:00
<li><a href="/contact.html">Contact</a></li>
</ul>
</div><!--/.nav-collapse -->
</div>
</div>
<!-- +++++ Posts Lists +++++ -->
<!-- +++++ First Post +++++ -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
2024-08-18 22:50:34 +02:00
<a href="../index.html">Previous Page</a></br></br><p><img src="../../assets/img/user.png" width="50px" height="50px"> <ba>nihilist@mainpc - 2024-06-16</ba></p>
2024-07-25 12:23:36 +02:00
<h1>Password Management 101 (How to use Keepass) </h1>
<img src="1.png" style="width:250px">
<p> </p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /grey -->
<!-- +++++ Second Post +++++ -->
<div id="anon3">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>What is password management, and Why use Keepass? </b></h2>
<p>If you have seen my <a href="../../HTB/index.html">Offensive Security</a> blog section, or the numerous news regarding massive companies being hacked, you should be aware that no matter where you choose to put your data out there, nowhere is truly safe.</p>
<p>Now let's take the following example, Bob is being lazy (again), and he uses the same password for his laptop, all of his accounts online, and at some point he creates an account on "Spotify":</p>
<img src="2.png" class="imgRz">
<p>So Bob has one password for everything he does online. <b>What happens when one of those services (ex: Spotify) gets hacked ?</b> </p>
<img src="3.png" class="imgRz">
<p>First thing that happens, is that Bob's password gets leaked online publicly, his password may even end up in the popular password wordlists like in <a href="https://github.com/danielmiessler/SecLists">seclists</a>.</p>
<p>This means, that a potential hacker may gain access in not only bob's spotify account, <b>but also in all of his other accounts</b>, since Bob used the same password everywhere.</p>
<img src="4.png" class="imgRz">
<p>This could have been avoided if Bob had a different strong password for every service. That way, if one of those services got hacked, only one meaningless password would have been revealed. That is why Keepass is relevant here, because it will remember all of those passwords so that Bob doesn't have to.</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<div id="anon2">
<div class="container">
<div class="row">
<div class="col-lg-8 col-lg-offset-2">
<h2><b>How to install KeepassXC</b></h2> </br> </br>
<p>Bob can install KeepassXC using apt on debian:</p>
<pre><code class="nim">
nihilist@mainpc:~/Nextcloud/blog$ sudo apt install keepassxc
nihilist@mainpc:~/Nextcloud/blog$ which keepassxc
/usr/bin/keepassxc
nihilist@mainpc:~/Nextcloud/blog$ keepassxc
</code></pre>
<img src="../torbrowsing/8.png" class="imgRz">
<img src="../torbrowsing/9.png" class="imgRz">
<img src="../torbrowsing/10.png" class="imgRz">
<img src="../torbrowsing/11.png" class="imgRz">
<img src="../torbrowsing/12.png" class="imgRz">
<p>That way, Bob can have a unique, strong password for every website he registers an account onto. If one of them gets hacked, the adversary won't gain access to every other account that Bob has.</p>
<img src="6.png" class="imgRz">
<p>The only password reuse that there may be is only local to Bob's computer, where he uses a password to unlock his harddrive, and log onto his host OS, and open his keepass file. The rest of remote logins are now managed and remembered by Keepass. </p>
<p>Next, Bob learns to use <a href="../pgp/index.html">PGP encryption</a> using Gnupg.</p>
</div>
</div><!-- /row -->
</div> <!-- /container -->
</div><!-- /white -->
<!-- +++++ Footer Section +++++ -->
<div id="anonb">
<div class="container">
<div class="row">
<div class="col-lg-4">
<h4>Nihilism</h4>
<p>
Until there is Nothing left.
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>My Links</h4>
<p>
2024-08-15 14:43:58 +02:00
<a target="_blank" rel="noopener noreferrer" href="http://blog.nowhere.moe/rss/feed.xml">RSS Feed</a><br/><a target="_blank" rel="noopener noreferrer" href="https://matrix.to/#/#nowheremoe:nowhere.moe">Matrix Chat</a><br/>
2024-07-25 12:23:36 +02:00
</p>
</div><!-- /col-lg-4 -->
<div class="col-lg-4">
<h4>About nihilist</h4>
2024-08-28 20:13:19 +02:00
<p style="word-wrap: break-word;"><u>Donate XMR:</u> 8AUYjhQeG3D5aodJDtqG499N5jXXM71gYKD8LgSsFB9BUV1o7muLv3DXHoydRTK4SZaaUBq4EAUqpZHLrX2VZLH71Jrd9k8</p></br><p><u>Contact:</u> nihilist@contact.nowhere.moe (<a href="https://nowhere.moe/nihilist.pubkey">PGP</a>)</p>
2024-07-25 12:23:36 +02:00
</div><!-- /col-lg-4 -->
</div>
</div>
</div>
<!-- Bootstrap core JavaScript
================================================== -->
<!-- Placed at the end of the document so the pages load faster -->
</body>
</html>