I run a nextcloud instance and sync using WebDAV
KeePass Password Manager
Everything about KeePass password manager and its forks.
Only two simple rules:
- Keep a respectful tone.
- No spam/scam.
So my understanding is nextcloud is like Dropbox, except you self-host it on a nas or something similar. Is that true? Then Webdav is just the way to manage those files?
How much effort is self-hosting something? I was thinking of getting a nas for prime day, but not sure of the effort involved.
Yes its like Dropbox but self hosted. It also provides a number of other features but for the sake of simplicity well only think about the file sync.
WebDAV is just a way to talk to nextcloud over http to send and receive data. Keepass2Android supports WebDAV, thus I use that to manage the syncing of my database.
The effort to self host is...well its just subjective. I've been doing this for a long time and my profession directly applies to these things so for myself I don't consider it much of an effort. If you are starting from zero though there will definitely be a lot to learn.
I don't use a bought NAS but you can certainly do so. I have some experience with the Synology devices and they seem OK but I don't know what its like running different third party services like nextcloud on it so you'd want to read up.
I host everything on systems I've built. My home server is just some old desktop hardware that I put into an supermicro tower chassis. My main server is colocated at a data center which I also built from eBay parts and put into a 2u 12 bay supermicro chassis.
So you don't have to buy some nas to get started, just need some PC hardware.
Well on PC, I would definitely recommend KeePassXC - it has a more modern UI and some nicer features, but standard KeePass is also fine. On Android, I personally prefer KeePassDX - I think it's a bit more polished and less buggy than KeePass2Android.
To sync my database between my PC and phone, I use Syncthing, which is a fantastic free and open-source software. It allows you to sync files between your devices, without using any third party servers. Also, everything is end-to-end encrypted, so it's probably one of the most secure ways to transfer data between devices.
I'll need to look more into KeePassXC. I don't mind the barebones UI in KeePass, but my wife certainly does, so getting something a bit more polished looking could be nice.
I'm very intrigued by syncthing. Presently, I just encrypt and sync through dropbox. Is syncthing significantly more user-friendly? Or is it more secure if my current method is poor?
Thanks for your help! Also thanks for setting up the community!
Well Syncthing requires some set-up, but it's pretty simple. Basically, you just need to make sure that it constantly runs on all devices, but there are plenty of guides online that help you set up auto-execute. Dropbox works just fine, and since your KeePass database is encrypted, it's not a big deal. I'm just the kind of person that likes layers of security, even though it's probably overkill 🤣
I also use synching. It's very seamless. I've got a script to weekly back up my db and one of the places it's put ensures my phone is always up to date or nearly up to date on what's on my PC.
I sync weekly with smbsync and a nas
How come? Why don't you just sync the database directly between your phone and PC? If you set up Syncthing to do file versioning, then you pretty much have a backup. That's how I have mine set up, and I never have to do anything. All my passwords are immediately synced between my devices when I edit the database in either place
it grew that way. first it only was a backup from pc to nas and now every client pulls from nas. i manually push to nas so nothing get's lost, and no sync shinanigans happen and every client can mess with that file. that's just me, i know i could automate it and/or do it different
I assume you can set-up to sync at whatever frequency? I definitely prefer if it is near real-time (at least within a couple minutes of doing an edit) because I make accounts on my computer and log in on my phone quite frequently.
If you have Syncthing running, it constantly syncs, so changes go through immediately when you make a change on either device
KeepassDX has the better UI, but it has some bug's. Most annoying currently is, that it is not possible to AutoFill in some apps on Android, where KP2A has no problem to do the same. Additional it doesn't sync with WebDAV or any other network based backend. For this last problem, I use a combination of Tasker and FoldeSync Pro. With Tasker i dedect if KeePassDX is started and send a Intent to FoldeSync to sync the database via WebDAV. There can be a rare situation when both sides of the sync pair has changed, to overwrite one of the changes, but this should be really rare.
KeePassXC vs KeePass is some other story. I really like KeePassXC, specially since I'm working mostly on Linux. But standard KeePass is a little bit more reliable and robust. Additional it has some small quality of life features, what KeePassXC not has. For example easy editing of placeholders for special Autotype Sequences. this is a lot easier in Keepasss. Also to re-use a custom field name for other entries, as long you have entered the field name before. Since I make heavy use of custom fields, this is life saver to have consistent data .
I have been installing KeePass on my computers and keepass2android on my phone, with syncthing running on all of them syncing the database file.
I did this today after google told me to reset my password because of suspicious activity, and had to reset all my passwords. It seems to work well, but time will tell.