Skip to content

Instantly share code, notes, and snippets.

@toraritte

toraritte/passwd-sharing-with-keepassxc-and-shamir.adoc

Last active February 14, 2023 21:37
Show Gist options
  • Save toraritte/224a668ab46bfa47d94fdc5b19d3ae72 to your computer and use it in GitHub Desktop.
Save toraritte/224a668ab46bfa47d94fdc5b19d3ae72 to your computer and use it in GitHub Desktop.
Download ZIP
Rudimentary workflow for remotely sharing passwords using KeepassXC and Shamir's secret sharing (SSS)
Raw
passwd-sharing-with-keepassxc-and-shamir.adoc

Rudimentary workflow for remotely sharing passwords using KeepassXC and Shamir’s secret sharing (SSS)

  1. Create a KeepassXC database (i.e., a file with .kdbx extension) with the credentials to be shared.

  2. Put it in a place that is available to everyone who needs access to it.

  3. Generate "secret shares" of the shared database by using Shamir’s secret sharing (SSS) algorithm (by using the online PassGuardian tool, grempe/secrets.js, etc.).

  4. Send the required number of "secret shares" to members of your team through different channels.

  5. Team members reconstruct the shared database’s password using the "secret shares", and save it into their password manager of choice.

The problem of sending the password can be solved using public-key cryptography, but if the recipients are not familiar with it, then the learning curve is way steeper than using PassGuardian.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment