Password Manager: Keep your passwords safe (tutorial)

Would you like to use a password manager to keep your passwords safe, simple and digital instead of writing them on a piece of paper? Great, I’ll show you in a few simple steps what you need to consider when setting up and using a password manager.

Maybe you are one of those people who still keep their passwords on a piece of paper or in a booklet. Obviously, that’s pretty insecure and also often impractical. And with the amount of usernames, passwords, and security questions we have to remember today with our myriad accounts, intuitive digital management makes sense.

So it’s time to switch to a digital solution. And it’s called: Password Manager. What a password manager is, how it works and how to set it up, I’ll show you now! You should plan about 1-2 hours to set up your password manager for the first use.

What is a password manager and why is it useful?

Some people tend to use the same password for many or even all accounts. However, this is extremely insecure and only to be discouraged! The same applies to security questions or PIN codes.

A password manager provides you with a program/app where you have to log in with a single password, the so-called master password, and then have access to all your passwords & co. Additionally you have the possibility to add more data for an account, like security questions, used email addresses or other notes. So you can compare it with a safe.

Your complete data is encrypted with a currently non-crackable encryption, compressed and stored securely. Your passwords can only be accessed if you have the master password. Almost all providers offer an additional two-factor authentication. This offers double protection for your passwords.

A distinction is made between online and offline password managers. Online password managers are providers (e.g. LastPass or 1password) where your passwords are stored in their database. With offline password managers you have a database file where all passwords are stored. Encryption is of course standard for both variants!

Online-Password-Manager:
Advantages: Easy setup, convenient use
Disadvantages: (Mostly) chargeable, data is held by third-party provider

Offline-Password-Manager:
Advantages: Free, data is stored locally and only you have access
Disadvantages: Somewhat more complex setup (with the help of my instructions but no problem!)

Online or offline password manager – which is better?

I have a clear answer to this question: A mix of both. But how does that work?

We use an offline password manager and store the password database on an online cloud. This way we have combined the advantages of both variants: only we have access to the data, it’s free, we can set it up any way we want, it’s convenient and we can use it on all devices.

If you don’t want to do that, no problem. Then you can save step 2 in the instructions.

You can freely choose the cloud service you want to use. Maybe you already use Google Drive, Microsoft OneDrive, Dropbox or even your own Nextcloud installation. No matter which service you use, the setup works the same for all of them.

Set up password manager on your computer

I have been using the free KeePass password manager for many years and am very satisfied with it. I will now show you step by step how to set up the password manager and use it with a cloud service of your choice. We will set up the password manager on your computer and then install an optional app so that you can also access it via your smartphone and tablet at any time.

Step 1: Download Password Manager

First, download the latest version of KeePass here and follow the installation instructions.

Step 2: Place database file on a cloud

To save the password database on a cloud, you now need to install a synchronization program if you don’t already have one. The synchronization program automatically downloads the latest file to your cloud – even if you have created, changed or deleted a password on your smartphone or tablet.

If you want to use Google Drive, log in to Google Drive with your Google account. Click on the gear in the upper right corner, then on “Download Back-up and Sync for Windows” and install the program.

If you want to use OneDrive, the OneDrive app is already installed on your computer. If not, you can download the program here. You can see if it is installed in your Windows Explorer. There you should see the item “OneDrive” in the left menu.

If you want to use Dropbox, you need this program.

If you want to use your own Nextcloud, you will already have the sync client installed, it should also show up in Windows Explorer on the left. If not, here is the program link.

If you don’t want to use a cloud and only need the passwords on your computer, you can select your Documents folder as the storage location, for example.

Step 3: Set up password manager

Now we will set up the password manager. To do this, start KeePass for the first time. Now click on “File” in the upper left corner and then on “New”. Now navigate to your cloud provider via the menu on the left and enter “Passwords” as the file name. You can choose the name freely. It is best to name it so that you know that the file contains your passwords.

If you don’t want to use a cloud provider, you can just use the file in one place on your computer.

Important: The file must not be deleted, all your passwords are stored in it! Make sure that you always have a backup of the file!

Now you have to set your master password. You have to remember this password! And here I also find it legitimate to actually write it down analogously, to additionally secure yourself. you can personalize it a bit or have a password generated for you. But make sure that it is at least 8 characters long, contains upper and lower case letters, numbers and special characters.

Because if your master password is bad, automatically your other passwords are worse protected.

Step 4: Enable two-factor authentication

It’s optional, but I would highly recommend you to enable two-factor authentication (2FA).

This means that you have to specify a key file in addition to your master password to get the passwords. So if a hacker finds out your master password, he still can’t get to your passwords without this file. So double protection!

Simply expand the “Show expert options” field and click on “Create…” for “Key file/provider”.

In the next window select “Create a new key file (random key)”.

Now you have to hover over this noise field for a few seconds to create a random key. Behind it are mathematical methods to encrypt your passwords. To explain this in detail would be too far at this point.

After that you will be prompted to save this file as well. Put it in another location like your database file. However, remember where you put it.

Step 5: Clear database

On the next page you can specify a name for your database under “Database name”. All other options can be left unchanged, they are already well chosen.

Now you will see for the first time the data you have created.

You can now delete the existing sample entries by right-clicking > Delete Entry. You can also delete the folders on the left and – if you like – create your own folder structure. In the next section I will explain you exactly how to use the password manager.

How to use the password manager

Now we come to probably the most important part: how to use your new password manager properly. It’s very simple – that’s the big advantage.

Create & edit entry

To add a new account you can click on the red marked icon in the upper left corner or right click and choose “Add Entry”.

In the detail view you can now enter all important data. Here I have created an Amazon account as an example.

If you want to edit an entry, you can simply double-click on the entry and get the detail view again.

Now you have some work and may enter all your passwords from your slips of paper 😉

Copy passwords

The time has come. You have all passwords in there and of course you want to use them. Find the right entry in your passwords and double click on the asterisks. Your password is now stored in your clipboard for a few seconds.

Now go to the password field where you want to log in and paste the password via right click > Paste or with CTRL + V – easy, isn’t it?

Save database

When you have added, changed or deleted new passwords in your database, you must always save the database via “File” > “Save”. The database will then be automatically synchronized with your cloud.

Open database

Of course, your PC or laptop is always shut down. After the startup, of course, you want to get your passwords again. Open the KeePass program again and enter your password. If you have activated 2FA, your created key file must also be selected here.

KeePass remembers the location of your database file and your key file, so you don’t have to search for them each time.

Synchronize passwords with smartphone

If you are using a cloud provider, you can simply save the file using the menu or CTRL + S. Within a few seconds, the synchronization program of your cloud should have automatically updated the file on the server, so the files are directly available on your mobile device. Of course, it’s the same the other way around.

Most apps on the smartphone also have the same functions. The display looks slightly different, but in principle the same functions are supported.

Set up password manager on your cell phone

Install Keepass2Android on Android smartphone

If you use an Android smartphone, I can recommend the app Keepass2Android Password Safe. Download it from the Play Store and select “Open file…”. Here you can now select your cloud provider and log in with the account you are logged in with on your computer.

Now you can log in with your master password and see the same passwords that you already see on the PC. Optionally, you can now also activate the login via fingerprint or similar.

Install KeePassium on iPhone

If you use an iPhone, I can recommend the app KeePassium. It integrates great with the iOS Okö system and helps you to use your passwords quickly. Here you can also choose your cloud provider and select your database.

In the app’s settings, you can set that you no longer want to unlock your database with a password, but with your fingerprint or FaceID.

FAQ – Frequently asked questions