When it comes to managing passwords, there are several options available to you. Kubuntu Focus computers come with a couple of these pre-installed, but there are several others that you can find throughout the web.
Manage passwords efficiently with KeePassXC.
Please read the disclaimer before proceeding. We review and update guided solutions regularly. If you have suggestions or requests, please write support@kfocus.org.
KDE Wallet is the default password manager on Kubuntu systems. It stores passwords completely encrypted and unlocks upon login. All KDE applications integrate with this password manager, and it stores Wi-Fi passwords, file manager passwords, and other system passwords. It also integrates well with Google Chrome and other browsers.
By default, the KDE Wallet master password is the same as your user password. For this reason, if you ever change your user password, your KDE Wallet password will no longer unlock automatically upon login. You can fix this by making sure the passwords match again:
System Settings > Account SettingsWallet Preferences, make sure [x] Enable the KDE Wallet Subsystem is selectedLaunch Wallet ManagerWallet Manager app appears, click on the top-right button labeled Change Password...Some apps that typically require gnome-keyring need libsecret capability. Recent versions of KWallet reportedly provide this capability through the qbus |grep -i secret. This shows org.freedesktop.secrets service. One can inspect these services using sudo apt install qttools5-dev-tools && qdbusviewer. However, since we use KeePassXC as our cross-platform password manager, we use it instead as described below.
KeePassXC is a cross-platform, sync-able, decentralized password management solution. It has plugins for Chrome (and other Chromium-based browsers), Firefox, and Android clients. We highly recommend this password solution. For many, it’s a great alternative to commercial services like LastPass and 1Password.
To use KeePassXC as your browser password manager, install the browser extension. With Firefox, use Menu > Add-Ons and themes, with Chrome, use Menu > Extensions > Visit Chrome Web Store. Then in KeePassXC, enable browser password integration by clicking on Settings (Gear Icon) > Browser and select your browser, like [x] Firefox, and click OK. If you are using the Firefox snap, see the Browsers Guided Solution for additional adjustments you will need to make. The 24.04 Kubuntu Focus Suites replaces the default Snap with the official Firefox packages from Mozilla.
To use KeePassXC to provide libsecrets (gnome-keyring), such as VSCode Settings Sync and Fortinet Client, follow the steps below.
sudo apt install libsecret-tools). This provides the secret-tool command.Tools > Settings > Secret-Service-Integration and check the Enable KeePassXC Freedesktop.org Secret Service Integration and click Ok.Tools > Settings > Secret-Service-Integration, click the General tab, and then in the Exposed Database Groups table, click the small pencil icon next to the database you want to host the secrets. This will show the Database Settings dialog, which has a Secret Service Integration section. Click on Secret Service Integration and then check the Expose entries under this group radio option. Select the group you created in the second step, and click Ok.secret-tool store --label='Created from cli' account test, and then enter your desired password. You should be able to see this new credential in KeePassXCSome forum posts recommend installing Gnome Keyring; however, this can interfere with the KWallet subsystem. For this reason, we strongly recommend you try to use KeePassXC instead. KeePassXC libsecret capability is shown here. The steps above are found in this AskUbuntu post.
KeePassXC’s database file can be stored on a cloud drive such as Dropbox, Google Drive, OneDrive, ownCloud, Nextcloud, or similar. This is useful for synchronizing across multiple devices. To learn more, visit the KeePassXC website documentation.
Sometimes, a database file can conflict when shared on a cloud drive. This can happen if you change passwords on two devices but the sync is disabled or delayed. When this occurs with Dropbox, the offending file is kept with a name like foo-conflicted.pas. To resolve this issue, you can merge databases:
Database > Save Database Backup... to backup your current database.Database > Merge from Database and read-in the conflicted file.To compare changes between databases, like those before or after a merge, you can follow this procedure:
Database > Export > CSV File the databases you wish to compare.kdiff3 or meld to compare the CSV files.The KeePassXC team released a security audit which we also encourage you to review. You can learn more from the official KeePassXC website.
Password recovery can be a complex system issue. Please see Installation Recovery Guided Solution for how you can do this.
Decentralized browser-based solutions exist as well, such as ownCloud and Nextcloud. These solutions require your own web server and adding the respective password management apps to the ownCloud and Nextcloud instances you run on those servers. For more information on these, see the links to the respective solutions.
Q: I am prompted frequently to sign into KWallet. Is this normal?
A: No, by default the KDE Wallet master password is the same as your user password. The login system recognizes this and unlocks your KDE Wallet automatically. If you change your user password, you should also update your KDE Wallet password to match; otherwise, you will be be prompted to open the KDE Wallet at times. See the KDE Wallet section, above, for full instructions.
This is a partial revision history. See the git repository for all entries.
2024-07-21 7233facb Add KeePassXC database merge and compare2024-06-05 d9dbfd02 Note Thunderbird and Firefox 24.04 packages2024-05-02 68a59c71 Update browser integrations instructions2023-11-18 e770b1c6 Add search and help bar2023-11-16 30f1145b Add KWallet passwd advice in Q+A2023-06-28 e4a03c44 Include KeePassXC audit link2023-06-09 beb8e0bc Add Fortinet advice, qdbusviewer2022-03-21 06240af7 Add KeePassXC libsecret advice2021-10-10 5728326e Reformat to 2-column2021-09-22 dc862884 Update link and headline colors2021-08-23 681261b4 Review and update codeblocks2021-07-27 9e6157ce Update KWallet advice2021-06-18 13c5e182 First publicationWe try hard to provide a useful solution validated by professionals. However, we cannot anticipate every situation, and therefore cannot guarantee this procedure will work for your needs. Always backup your data and test the solution to determine the correct procedure for you.
THIS SOLUTION IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOLUTION, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
HAVE QUESTIONS?Call 844-536-2871 or write
TellMeMore@kfocus.org | GET FOCUS MERCH