11
submitted 4 months ago* (last edited 4 months ago) by boredsquirrel@slrpnk.net to c/cybersecurity@sh.itjust.works

Google Pixel phones, especially with GrapheneOS, are worlds more secure than other technologies.

Every user account is decrypted with a key generated by the secure element, and the pin is just used to unlock that key.

But the secure element is rarely used in other applications.

Here is how to unlock your KeepassDX Storage with it:

  1. Create a password storage with a very secure and long password. Length is especially important, prefer to use tons of nonsense words, over hard to remember symbols
  2. In KeepassDX Settings, under "unlock settings" enable "use system unlock"
  3. Enter the password for the password storage.
  4. Instead of pressing Enter, press on the button in the bottom left to register the password in the Android Keystore.

From now on you can unlock your password storage using all the security that your device offers.

The only weakness is the password, so make it as long as possible.

To copy-paste passwords relatively securely, you can use Florisboard's internal clipboard. Enable "sync from system clipboard", and disable "sync to system clipboard".

If you copy things using the button on Florisboard, it will only be saved in Florisboards internal app storage, not your system clipboard, which is accessible to all input devices (keyboard apps) and foreground apps.

To delete things from the system clipboard (which only holds one entry) you can use apps like this one

I recommend Obtainium to get the latest versions of these apps.

Here is a list of available app configs

you are viewing a single comment's thread
view the rest of the comments
[-] boredsquirrel@slrpnk.net 2 points 4 months ago

Syncthing + KeepassXC works kinda fine, but not always.

this post was submitted on 12 Jul 2024
11 points (86.7% liked)

Cybersecurity

5759 readers
68 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago
MODERATORS