sufyaan-website/kpst/index.html

<!DOCTYPE html>
<html lang="en">

	<head>
		<title>(POST) KeePass + Syncthing</title>
		<link rel="icon" type="image/x-icon" href="../images/favicon.webp">
		<link rel='stylesheet' type='text/css' href="../style.css">
		<meta charset="utf-8"/>
		<meta name="viewport" content="width=device-width, initial-scale=1.0">
	</head>

	<body>
											      <a style="text-decoration: none;" href="../">
	  <pre class="main-header">
 _______ _     _ _______ __   __ _______ _______ __   _
 |______ |     | |______   \_/   |_____| |_____| | \  |
 ______| |_____| |          |    |     | |     | |  \_|
	  </pre>
	  </a>
	<hr/><p><a href="../">sf.cu</a> > <a style="color:#bd93f9" href="../blog/">Blog</a> > <a style="color:#bd93f9" href="."><svg class="posts" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24"><path fill="currentColor" d="M12 0C5.378 0 0 5.378 0 12c0 6.623 5.378 12 12 12c6.623 0 12-5.377 12-12c0-6.622-5.377-12-12-12zm0 .791a11.203 11.203 0 0 1 11.209 11.21A11.202 11.202 0 0 1 12 23.208A11.203 11.203 0 0 1 .791 12A11.203 11.203 0 0 1 12.001.791zm0 1.871a9.356 9.356 0 0 0-1.705.162A1.746 1.746 0 0 0 12 4.95a1.746 1.746 0 0 0 1.706-2.126A9.342 9.342 0 0 0 12 2.662zM7.2 4a9.338 9.338 0 0 0-4.54 8a9.338 9.338 0 0 0 18.677 0a9.338 9.338 0 0 0-4.54-7.998a4.888 4.888 0 0 1-2.701 5.365l-.12 2.066l1.482 1.483l-1.483 1.482l.989.989l-.989.988l.12 1.857L12 20.328l-2.096-2.096V9.367A4.89 4.89 0 0 1 7.2 4zm3.4 6.543v6.99h.7v-6.99z"/></svg>KeePass + Syncthing</a></p>
	<h1><svg class="titles" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path fill="currentColor" d="M12 0C5.378 0 0 5.378 0 12c0 6.623 5.378 12 12 12c6.623 0 12-5.377 12-12c0-6.622-5.377-12-12-12zm0 .791a11.203 11.203 0 0 1 11.209 11.21A11.202 11.202 0 0 1 12 23.208A11.203 11.203 0 0 1 .791 12A11.203 11.203 0 0 1 12.001.791zm0 1.871a9.356 9.356 0 0 0-1.705.162A1.746 1.746 0 0 0 12 4.95a1.746 1.746 0 0 0 1.706-2.126A9.342 9.342 0 0 0 12 2.662zM7.2 4a9.338 9.338 0 0 0-4.54 8a9.338 9.338 0 0 0 18.677 0a9.338 9.338 0 0 0-4.54-7.998a4.888 4.888 0 0 1-2.701 5.365l-.12 2.066l1.482 1.483l-1.483 1.482l.989.989l-.989.988l.12 1.857L12 20.328l-2.096-2.096V9.367A4.89 4.89 0 0 1 7.2 4zm3.4 6.543v6.99h.7v-6.99z"/></svg>KeePass + Syncthing</h1>
		<p style="font-size:110%">Posted on: <strong>23 June 2023</strong></p><p style="font-size:110%">Reading time: <strong><strong>2 min</strong><p style="font-size:110%"></strong>Category: <a style="color:#ff79c6" href="../blog/software/"><svg class="posts" xmlns="http://www.w3.org/2000/svg" width="16" height="16" viewBox="0 0 24 24"><path fill="currentColor" d="M14 18.32A7.06 7.06 0 0 1 11.28 16H3V4h18v2.26a7.08 7.08 0 0 1 2 2.15V4a2 2 0 0 0-2-2H3a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h7v2H8v2h8v-2h-2Z"/><path fill="currentColor" d="M17 6a6 6 0 1 0 6 6a6 6 0 0 0-6-6Zm0 7.5a1.5 1.5 0 1 1 1.5-1.5a1.5 1.5 0 0 1-1.5 1.5Z"/></svg><strong>Software</strong></a></p>
	<p>I have decided to switch from a self-hosted Vaultwarden (Bitwarden) instance to using KeePass along with Syncthing to sync it to all my devices. There are numerous reasons why I decided to make this change.</p>
	<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path fill="currentColor" d="M18 8h-1V6c0-2.76-2.24-5-5-5S7 3.24 7 6v2H6c-1.1 0-2 .9-2 2v10c0 1.1.9 2 2 2h12c1.1 0 2-.9 2-2V10c0-1.1-.9-2-2-2zm-6 9c-1.1 0-2-.9-2-2s.9-2 2-2s2 .9 2 2s-.9 2-2 2zM9 8V6c0-1.66 1.34-3 3-3s3 1.34 3 3v2H9z"/></svg>Security</h2>
	<p>The offline nature of KeePass makes it so that it is nearly impossible to crack. Connecting things to the internet makes it trivial for a script kiddie thousands of kilometers away from you to attempt to crack your passwords. A password manager is a place where all of your passwords are stored. Due to this very reason, I decided to upgrade my security by moving to a reputed piece of software.</p>
	<p>It has a plethora of security features. Firstly, it has the ability to generate passwords of any length. It allows you to choose what characters are allowed. Its generation is so complex and liberating that even foreign characters like <code>Æ</code>, <code>É</code>, or even mathematics symbols and arbitrary symbols that no one would care about can be used. For example, the division sign (÷) or the copyright symbol (©) are included in password generation. Since most hackers try alphanumeric character cracking, KeePass password generation can make your passwords practically impossible to crack.</p>
	<p>The encryption algorithm used for your password database is AES-256, commonly known as 256-bit encryption. It is a form of encryption that is so difficult to crack that the only way you can actually hope to obtain someone's password is by phishing them or using external methods. For more information, please <a href="https://invidious.tiekoetter.com/watch?v=S9JGmA5_unY">watch this video by 3Blue1Brown.</a> It is extremely interesting.</p>
	<p>In fact, KeePass is so secure that even the passwords that are stored in your memory while you are viewing your database is encrypted. That way, even a <a href='../definitions/management-engine' style='color:#50fa7b'>management engine</a> attack will not work. If you want to try viewing the cleared memory sectors to find remnants of your passwords, good luck. The passwords which are stored in your memory are first overwritten to the point of unrecoverability before being cleared.</p>
	<p>You can even setup a keyfile (a file you need to use to login), a <a href='../definitions/security-key/' style='color:#50fa7b'>security key</a>, or both.</p>
	<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 32 32"><path fill="currentColor" d="M15.5 1.125C7.278 1.125.59 7.815.59 16.035c0 6.263 3.88 11.635 9.36 13.84l3.64-9.076a5.131 5.131 0 1 1 3.818-.001l3.64 9.075c5.48-2.206 9.36-7.578 9.36-13.84c.002-8.22-6.687-14.91-14.908-14.91z"/></svg>View. The. Code.</h2>
	<p>KeePass is open-source under the GPLv2 license, which is the best open-source license for people's freedom. That makes it <a href='../definitions/free-software/' style='color:#50fa7b'>free software</a>.</p>
	<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 32 32"><path fill="currentColor" d="M24.26 32H7.739a1.28 1.28 0 0 1-1.281-1.281V18.495c0-.708.573-1.286 1.281-1.286h1.552v-1.974c0-3.698 3.01-6.708 6.708-6.708s6.708 3.01 6.708 6.708v1.974h1.552c.708 0 1.281.578 1.281 1.286v12.224A1.28 1.28 0 0 1 24.259 32zm-7.421-6.76c1.521-.859.911-3.182-.839-3.182c-1.745.005-2.354 2.318-.839 3.182v1.656c0 1.115 1.677 1.115 1.677 0zm-3.698-8.032h5.724v-1.974c0-1.578-1.286-2.859-2.865-2.859s-2.859 1.281-2.859 2.859zm-7.078-1.817H2.079c-.651 0-1.172-.526-1.172-1.172s.521-1.172 1.172-1.172h3.984c.646 0 1.172.526 1.172 1.172s-.526 1.172-1.172 1.172zM8.87 9.12a1.14 1.14 0 0 1-.74-.271L4.974 6.255a1.166 1.166 0 0 1-.156-1.646a1.166 1.166 0 0 1 1.646-.161L9.62 7.042c.849.698.349 2.078-.75 2.073zM16 6.359a1.174 1.174 0 0 1-1.172-1.172V1.171c0-.646.526-1.172 1.172-1.172s1.172.526 1.172 1.172v4.016c0 .646-.526 1.172-1.172 1.172zm7.13 2.761c-1.104 0-1.599-1.38-.75-2.078l3.156-2.594c1.208-.99 2.693.818 1.49 1.813L23.87 8.855a1.16 1.16 0 0 1-.74.266zm6.792 6.271h-4.021c-.651 0-1.172-.526-1.172-1.172s.521-1.172 1.172-1.172h4.021c.651 0 1.172.526 1.172 1.172s-.521 1.172-1.172 1.172z"/></svg>The Encryption Never Stops</h2>
	<p>Along with KeePass, I use Syncthing to sync my database. Syncthing also uses cryptographic encryption. This makes it so that anyone who wants to brute-force my database needs access to both my Syncthing password and my KeePass password.</p>
	<h2><svg class="heading2" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 24 24"><path fill="currentColor" d="M6.012 18H21V4a2 2 0 0 0-2-2H6c-1.206 0-3 .799-3 3v14c0 2.201 1.794 3 3 3h15v-2H6.012C5.55 19.988 5 19.805 5 19s.55-.988 1.012-1zM8 6h9v2H8V6z"/></svg>To Conclude...</h2>
	<p>I use KeePass along with Syncthing for three reasons.</p>
	<ol>
		<li>KeePass is extremely secure. It has industry-standard protection methods and algorithms and its offline nature makes it practically uncrackable.</li>
		<li>It is fully <a href='../definitions/free-software/' style='color:#50fa7b'>free software</a> under the GPLv2 license</li>
		<li>Syncthing is also encrypted, which means that an attacker who wants to attack me using the internet needs to crack both my Syncthing password and KeePass password which would take billions of years.</li>
	</ol>
	<p>I am probably never going to switch back because this system works extremely well. Syncthing is very fast at staying up-to-date.</p>
	<p><a href="mailto:sufyaan@counterhawks.com?subject=KeePass%20+%20Syncthing">>>> Reply To Me</a></p>
	  <p><a href="kpst.pdf">>>> Download PDF</a></p>
	<p style="text-align:center;"><a href="../ffmpeg/" style="color:#bd93f9"><svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSLeftOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="M30 36L18 24l12-12v24Z"/></mask><path fill="currentColor" d="M0 0h48v48H0z" mask="url(#ipSLeftOne0)"/></svg>Previous Post</a> - <a style="color:#bd93f9" href="../mnml/">Next Post</a> <svg class="footer-posts" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 48 48"><mask id="ipSRightOne0"><path fill="#fff" stroke="#fff" stroke-linejoin="round" stroke-width="4" d="m20 12l12 12l-12 12V12Z"/></mask><path fill="#bd93f9" d="M0 0h48v48H0z" mask="url(#ipSRightOne0)"/></svg></p>
	<hr/>
	<footer>
		<p class="footer-text"><a style="color:#bd93f9" href="../blog">blog</a> - <a style="color:#ffb86c" href="../about">about</a> - <a style="color:#f1fa8c" href="../portfolio">portfolio</a> - <a style="color:#ff5555" href="../links">links</a></p>
		<p class="footer-text" style="font-size:80%"><a href="../">sufyaan.me</a></p><p class="footer-text" style="font-size:65%"><a style="color:#aaaaaa" href="../sitemap">Site Map</a></p>
	</footer>