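Custom icons are the feature PassXYZ users have requested most. KeePassLib itself supports custom icons, but only on Windows, whereas PassXYZ needs the feature on Windows, iOS and Android at the same time. To get there, the feature first had to be implemented in KPCLib. The latest release, KPCLib 1.1.9, uses the SkiaSharp graphics library to implement custom icons on all three platforms. If you are interested, the code is available on GitHub.

In PassXYZ 2.1.1 and PassXYZ Cloud 2.4.1, KPCLib has been updated to 1.1.9, so users can now use custom icons. The animation below shows how:

Change icon

As the animation above shows, a custom icon is added through the “Change icon” context menu. For how to use that menu, see the separate article “How to change an icon”. After choosing “Change icon”, the icon page shows a new “+” button; select it to pick an icon from the photo album or the file browser.

Custom icon requirements:

A custom icon must meet the following requirements:

  1. The icon must be square and larger than 96x96 pixels.
  2. JPEG or PNG format is recommended.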
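One way to check a candidate icon against the two requirements above before it is imported, as an added example in Python that is not PassXYZ or KPCLib code. A file picked from the album or file browser is untrusted input, so the check identifies the format from the file's magic bytes rather than its extension and reads only the header. It assumes “larger than 96x96” means each side must exceed 96 pixels and treats the JPEG/PNG recommendation as a requirement; the sample headers are constructed.

```python
# Added example, not PassXYZ/KPCLib code. Reads image headers only.
import struct

PNG_SIG = b"\x89PNG\r\n\x1a\n"
MIN_SIDE = 96  # assumption: "larger than 96x96" is read strictly (side > 96)


def png_size(data):
    """Return (width, height) from the IHDR chunk, which must come first."""
    if len(data) < 24 or data[12:16] != b"IHDR":
        raise ValueError("truncated or malformed PNG header")
    return struct.unpack(">II", data[16:24])


def jpeg_size(data):
    """Walk the JPEG segments until a start-of-frame (SOF) marker is found."""
    i = 2  # skip the SOI marker FF D8
    while i + 4 <= len(data):
        if data[i] != 0xFF:
            raise ValueError("lost sync with JPEG segment markers")
        marker = data[i + 1]
        if marker == 0xFF:                            # fill byte
            i += 1
            continue
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:  # markers without length
            i += 2
            continue
        if marker == 0xDA:                            # image data starts here
            break
        (seglen,) = struct.unpack(">H", data[i + 2:i + 4])
        if seglen < 2:
            raise ValueError("invalid JPEG segment length")
        if 0xC0 <= marker <= 0xCF and marker not in (0xC4, 0xC8, 0xCC):
            if i + 9 > len(data):
                raise ValueError("truncated SOF segment")
            height, width = struct.unpack(">HH", data[i + 5:i + 9])
            return width, height
        i += 2 + seglen
    raise ValueError("no SOF segment found")


def check_icon(data, min_side=MIN_SIDE):
    """Return (accepted, reason) for the bytes of a candidate icon file."""
    try:
        if data.startswith(PNG_SIG):
            fmt, (width, height) = "PNG", png_size(data)
        elif data.startswith(b"\xff\xd8"):
            fmt, (width, height) = "JPEG", jpeg_size(data)
        else:
            return False, "not recognised as PNG or JPEG"
    except ValueError as exc:
        return False, str(exc)
    if width != height:
        return False, f"{fmt} is {width}x{height}, not square"
    if width <= min_side:
        return False, f"{fmt} is {width}x{height}, too small"
    return True, f"{fmt} {width}x{height}"


def sample_png_header(width, height):
    """Constructed header-only PNG sample (signature plus IHDR fields)."""
    ihdr = struct.pack(">I4sII", 13, b"IHDR", width, height)
    return PNG_SIG + ihdr + b"\x08\x06\x00\x00\x00"


def sample_jpeg_header(width, height):
    """Constructed header-only JPEG sample (SOI, APP0, SOF0)."""
    app0 = b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00" + bytes(9)
    sof0 = b"\xff\xc0" + struct.pack(">HBHHB", 17, 8, height, width, 3) + bytes(9)
    return b"\xff\xd8" + app0 + sof0


if __name__ == "__main__":
    for blob in (sample_png_header(128, 128), sample_png_header(200, 100),
                 sample_jpeg_header(64, 64), b"GIF89a" + bytes(20)):
        print(check_icon(blob))
```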

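How to delete a custom icon

A custom icon can also be deleted after it has been added. The animation below shows how:

Delete icon

On the icon page, use the context menu to delete an icon. On Android, for example, long-press the custom icon to bring up the context menu. For how context menus work on each system, see the article “A comparison of PassXYZ context menus on different systems”.

On December 17, 2018, PassXYZ and PassXYZ Cloud were updated to versions 1.7.1 and 2.0.1 respectively. The update brings the following three new features:

  1. Users can change the icons of “groups” and “entries”.
  2. PassXYZ users can quickly capture information by taking a photo or a screenshot and save it as an attachment.
  3. A “Reset templates” option has been added. In the new version, users can update the templates themselves through this option.

For how to use these features, see the articles in the “Further reading” section below.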


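Further reading:

PassXYZ is a cross-platform password manager that runs on Android phones, iPhones and Windows 10.
PassXYZ is built on the well-known open-source software KeePass and is therefore compatible with the KeePass data format. The core code of PassXYZ is available on GitHub. Its most distinctive feature is a large set of templates for recording personal information, intended to share and spread good habits. Together, the PassXYZ personal information manager and the PassXYZ WeChat official account aim to raise the public's level of personal information management.

You can download the app by searching for the keyword PassXYZ in the Apple App Store, Microsoft Store, Google Play or the Huawei app store. If you want more templates or are interested in personal information security and management, search for the keyword PassXYZ to follow the official account, or add it using the WeChat ID passxyz_kpclib. The PassXYZ official account focuses on personal information security and management.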

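Many wireless routers now come with a USB port. By attaching a portable hard drive or a USB flash drive to it, the router becomes a network storage server, and every computer and mobile device at home can share the data on the drive. Xiaomi and Honor routers currently both offer this feature. Here we use the Honor router as an example to show how to use a router's network storage, and how to use it to back up and synchronize PassXYZ data.

Setting up network storage on the router

  1. Connect the USB flash drive or portable hard drive to the router's USB port;
  2. Log in to the Honor router's administration page from a browser on a PC, as shown below;

pxsmb01

  3. Select “More functions” on the administration page;
  4. The “More functions” page shows a “Storage sharing” option, as shown below;

pxsmb02

  5. Select “Enable file sharing service” to use network storage. You can select “Access encryption” and set a user name and password for additional security.

Using network storage in PassXYZ Cloud

Support for SMB/CIFS was added in PassXYZ Cloud after version 2.2.1.1. SMB (Server Message Block), or CIFS (Common Internet File System), is the protocol Microsoft Windows uses for sharing network storage. The router's network storage uses SMB/CIFS to implement “storage sharing”.

Using SMB in PassXYZ Cloud is very similar to using WebDAV. For details, see the separate article “Backup and Synchronization (2): How to use cloud storage to back up and synchronize across multiple devices”.

The only difference between setting up SMB and WebDAV is that, when creating the “entry” used for login, you choose the “SMB Service” template.

After choosing the “SMB Service” template, fill in the following information for logging in to the router's “storage sharing” service:

  1. UserName - if “Access encryption” is enabled in the router settings, this is the user name set there.
  2. Password - the password from the “Access encryption” settings.
  3. Hostname - the router's IP address. The default IP of an Honor router is usually 192.168.3.1.
  4. Remote Folder - the directory on the USB flash drive or portable hard drive that holds the PassXYZ data, for example “/Documents/PassXYZ/” or “/文件/PassXYZ/”.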


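A new feature in PassXYZ 1.7.1 and PassXYZ Cloud 2.0.1 is adding attachments from the camera or the photo album. Many users have asked for this.

PassXYZ users often find that the simplest approach after registering an account is to take a photo or a screenshot to save the information, and to look at the screenshot later when they need it. Only important accounts get filled in field by field from a template. This is indeed very convenient and saves time.

Adding an attachment by taking a photo

The new version adds a camera button; tapping it opens the camera so that a photo can be used to create an “entry”. The animation below shows the steps.

Add by taking a photo

  1. Tapping the camera button opens the system camera. After the photo is taken, an “entry” is created and the photo is added to it as an attachment.
  2. Give the “entry” a suitable name and save it.

Adding attachments from the photo album

To add several attachments, tap the “Attachments” button inside an “entry”. As the animation below shows, attachments can be added from the camera or the photo album.

Add by taking a photo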



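In versions after PassXYZ 1.7.1 and PassXYZ Cloud 2.0.1, users can change the icon of a “group” or an “entry” themselves. The animation below shows how:

Change icon

As the animation above shows, the steps to change an icon are:

  1. Open the context menu of an “entry” or a “group” (how the context menu is opened differs slightly between systems). For the context menus on each system, see the article “A comparison of PassXYZ context menus on different systems”.
  2. Choose “Change icon” from the menu to see a list of icons. Pick an icon directly from the list or search for one in the search bar.
  3. Once an icon is selected, tap the save button in the top right corner.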


PassXYZ is a password manager for Android, iOS and Windows 10 built on top of the KeePass library. The KeePass data format is a popular open-source password database format used by many KeePass-derived applications. However, KeePass itself runs only on Windows. The goal of PassXYZ is to support KeePass databases on all major platforms.

PassXYZ is published in the following two editions to meet the different requirements of KeePass users:

  • PassXYZ is a standalone application without any networking capability.
  • PassXYZ Cloud is an enhanced version with backup and synchronization functionality using cloud storage.

This article, together with another named “Backup and Synchronization 1, finding the best solution for backup and synchronization when using password management software”, introduces how to use cloud storage for backup and synchronization.

PassXYZ Cloud version 1.8.1 and later provides full cloud storage support by adding the most commonly used storage protocols, such as WebDAV, FTP and SFTP. These are standard storage protocols used by cloud storage.

Backup and synchronization using Box

Box is a popular cloud storage service that can be accessed through WebDAV. We will use Box as an example to explain how to connect to a cloud service through WebDAV. Other cloud storage services can be set up with a similar procedure.

To connect to Box using WebDAV, we can use the following configurations:

PassXYZ Cloud Setting

To use WebDAV, we first need to choose the cloud storage type in the PassXYZ settings. The animated GIF below shows the steps.

cloud-settings-en

As we can see from the above picture, the cloud storage type was set to “WebDAV” according to the steps below:
1. Select “Settings” from the menu
2. Choose “Cloud Storage” in the “Settings” page
3. Select “WebDAV” from the popup menu

Create a new entry for Box WebDAV

The information needed to access the Box WebDAV service can be stored in a PassXYZ entry. We create a new entry first and then use it to log in to the Box WebDAV service. The procedure is shown in the following GIF image.

 create-entry-en

From the above GIF image, we can see that a new entry has been created with the following steps:
1. Click the “+” button to create a new entry.
2. Select “Using template” from the pull-down menu.
3. Search “WebDAV” from the template and select the entry from the filtered list.
4. Fill in username, password and server URL.
5. Save the entry and a new record is created.

Login to Box

Now we can use the entry created above to log in to Box. The relevant GIF image is shown below.

login-en

As we can see from the above animated image, the steps to log in to Box are:
1. Select “Cloud Storage” from the menu.
2. In the “Cloud Storage” page, click the “Login” button.
3. After clicking the “Login” button, a page with the entries available for login is shown. If several entries exist, they are all listed here so that we can choose among the available services.
4. Select the Box entry that we just created.
5. After logging in to Box, a list of data files is shown. This list includes both local and remote data files.
6. Use the context menu to enable or disable synchronization with the cloud.

In PassXYZ Cloud, the procedures to set up WebDAV, FTP and SFTP are similar to the above steps.

Using Personal Cloud for backup and synchronization

The storage protocols (WebDAV, FTP or SFTP) can be used in personal network storage as well. Below is a setting page of Personal Cloud from Seagate. From this figure, we can see that all protocols (WebDAV, FTP and SFTP) that we mentioned in this article are supported by Seagate Personal Cloud.

px_personalcloud01

PassXYZ Cloud supports WebDAV, FTP, SFTP and OneDrive as cloud storage. Since OneDrive uses a proprietary protocol, its setup procedure is a bit different and is described in another article named “A balance between security and convenience, PassXYZ and PassXYZ Cloud”. Refer to it if you want to use OneDrive as cloud storage.


Further reading:


PassXYZ is a cross platform password management software developed using KeePass. PassXYZ can run on Android, iOS and Windows 10.
If you are interested in the personal information management, please add PassXYZ Wechat public account by searching the keyword PassXYZ or link it using Wechat name passxyz_kpclib. The source code of KPCLib can be found at GitHub at https://github.com/passxyz/KPCLib.

You can also find more information about PassXYZ on its website and install it from Google Play, Apple Store and Microsoft Store.


PassXYZ is a password manager for Android, iOS and Windows 10 built on top of the KeePass library. The KeePass data format is a popular open-source password database format used by many KeePass-derived applications. However, KeePass itself runs only on Windows. The goal of PassXYZ is to support KeePass databases on all major platforms.

PassXYZ is published in the following two editions to meet the different requirements of KeePass users:

  • PassXYZ is a standalone application without any networking capability.
  • PassXYZ Cloud is an enhanced version with backup and synchronization functionality using cloud storage.

This article, together with another named “Backup and Synchronization 2, Step-by-step guides of password database backup and synchronization using cloud storage”, introduces how to use cloud storage for backup and synchronization.

PassXYZ Cloud version 1.8.1 and later provides full cloud storage support by adding the most commonly used storage protocols, such as WebDAV, FTP and SFTP. These are standard storage protocols used by cloud storage. Even though many popular cloud services, such as OneDrive, Google Drive or iCloud, use proprietary protocols, many others support WebDAV, such as Box, DriveHQ and CloudMe.

How to choose a solution for backup and synchronization

Users of password management software usually have to balance security against convenience. Even though data safety is the number one factor to consider, convenience also plays an important role as time goes on. Backup and synchronization are major features requested by many users for both reliability and convenience, especially when we have multiple devices and need to access the same database across platforms. How, then, do we choose a solution for backup and synchronization? To answer this question, let’s have a look at the table below first.

comparison

From the above table, we can see that there are a few choices, depending on where the data is stored. The choices differ in data safety and convenience. Below is a summary:
1. Local storage: If we use only one device and back up data occasionally, PassXYZ is a good choice.
2. Intranet (home or internal network): This choice can meet both safety and convenience requirements. As long as the internal network is safe enough, PassXYZ Cloud can be used, with the data stored only on the internal shared network storage. However, users choosing this option need to know how to set up home or internal network storage.
3. Internet: Using PassXYZ Cloud and storing data on the internet is the most convenient solution. Its safety depends on the user's knowledge of internet security and can range from low to high according to the configuration of PassXYZ, the data files and the cloud services.

From the above summary, we can see that the best solution may vary between users. To choose it, users need to balance safety and convenience according to their knowledge of data security. Most users may not have enough knowledge about either cyber security or data security. In this case, they should consider classifying their data into categories according to its security requirements. For example, we can have two categories of data as suggested below:

  • High security: banking, public services (ID, passport etc.)
  • Normal: Social media, email or network services etc.

Of course, you may have three or four categories according to your own preferences. After classifying your data, you may find that data with higher security requirements usually has a longer life cycle and changes less over time. On the other hand, the most frequently changed data requires less security and normally has a shorter lifetime. As such, you may choose among the solutions listed above according to the classification of your data. You may use local storage and manual backup for the most important data and, at the same time, store data that needs to be changed frequently on network storage.

After choosing the solution which is suitable for your needs, you may start to read another article “Backup and Synchronization 2, Step-by-step guides of password database backup and synchronization using cloud storage” which tells you how to backup or synchronize data with PassXYZ Cloud.



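PassXYZ is a cross-platform password manager based on KeePass that supports Android, iOS and Windows 10. KeePass itself is a popular open-source password manager, but the official version supports only Windows. Besides supporting multiple platforms, PassXYZ considerably improves the user experience on mobile.

PassXYZ is released in two editions tailored to users' needs:

  • PassXYZ itself is an offline application without any networking capability.
  • PassXYZ Cloud adds backup and synchronization through network storage on top of PassXYZ.

This article and another one, “Backup and Synchronization (1): How to choose the backup and synchronization solution that suits you when using a password manager”, mainly cover how to use the features of the Cloud edition. Users can choose the backup and synchronization solution that suits their needs and learn how to use PassXYZ Cloud for backup and synchronization.

From version 1.8.1 onwards, PassXYZ Cloud supports WebDAV, FTP and SFTP, so several network protocols can be used for cloud storage. WebDAV, FTP and SFTP are all standard network storage protocols, so they can be used both with public clouds and with personal network storage devices. Typical personal cloud products, such as Seagate's Personal Cloud or Western Digital's My Cloud, support all three protocols. Some public clouds use standard protocols, but most use non-standard ones. Although common public clouds such as OneDrive, Google Drive, iCloud or Baidu Cloud use non-standard network protocols, many public cloud services do support standard network storage protocols; Box, DriveHQ and Jianguoyun (坚果云), for example, support WebDAV.

Synchronizing multiple devices with Jianguoyun

Below we use Jianguoyun as an example to show how to use the standard network storage protocol WebDAV in PassXYZ Cloud. For network services that support FTP or SFTP, the setup steps are similar to those for WebDAV.

Adding an app password in the Jianguoyun settings

First, to use Jianguoyun's WebDAV service, an app password has to be added in the Jianguoyun settings, as shown below:

jianguoyun01

To make third-party access to Jianguoyun more secure, every third-party application needs its own app password. If anything goes wrong, the authorization can be revoked in the settings at any time. To use Jianguoyun in PassXYZ Cloud, add an app password for PassXYZ. The “server address”, “email address” and “app password” shown in the figure are used in the following steps.

Cloud storage settings in PassXYZ

With the app password in place, set the cloud storage type to WebDAV in the PassXYZ Cloud settings.

px_settingscloud01-cn

After selecting “Cloud Storage” in the figure above, the options in the figure below are listed. Select “WebDAV”.

px_settingscloud02-cn

Adding a Jianguoyun record

Next, set up the access information for Jianguoyun. Since that information is just another password record that can be stored in PassXYZ, we first create a record for it and then use the record to log in to Jianguoyun. To keep the number of images down and to show the procedure more directly, an animated GIF is used below.

create-entry-cn

The steps in the animation above are:
1. Search the templates for the WebDAV service and select it
2. Enter the user name, app password and server address set up earlier, and save

After these steps, we have a record holding the Jianguoyun account information.

Logging in with the Jianguoyun record

With the record created above, select “Cloud Storage” from the menu to log in to Jianguoyun. Again, an animation is used to make this easier to follow:

login-cn

The login steps are:
1. Select “Cloud Storage” from the menu;
2. On the “Cloud Storage” page, click the “Login” button;
3. After the login button is clicked, a page for choosing the login information is shown; select the record created earlier. If records for several cloud services have been created, they all appear in the list, which makes it easy to switch between services;
4. After login, all current local and cloud databases are shown;
5. Use the context menu to synchronize a local database to the cloud.

In PassXYZ Cloud, a cloud service can be used by following the steps above. The steps are similar for WebDAV, FTP and SFTP.

Using a personal network storage device for synchronization and backup

Protocols such as WebDAV, FTP and SFTP are also commonly used on home network storage devices. Through these services, a personal cloud can be used for synchronization and backup. The figure below shows the settings of a Seagate Personal Cloud, which supports WebDAV, FTP and SFTP.

px_personalcloud01

WebDAV, FTP and SFTP are all standard storage protocols, so they are used in similar ways. If you want to use OneDrive, see the separate article “A balance between security and convenience, PassXYZ and PassXYZ Cloud”. Using OneDrive differs slightly from using the standard storage protocols.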



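PassXYZ is a cross-platform password manager based on KeePass that supports Android, iOS and Windows 10. KeePass itself is a popular open-source password manager, but the official version supports only Windows. Besides supporting multiple platforms, PassXYZ considerably improves the user experience on mobile.

PassXYZ is released in two editions tailored to users' needs:

  • PassXYZ itself is an offline application without any networking capability.
  • PassXYZ Cloud adds backup and synchronization through network storage on top of PassXYZ.

This article and another one, “Backup and Synchronization (2): How to use cloud storage to back up and synchronize across multiple devices”, mainly cover how to use the features of the Cloud edition. Users can choose the backup and synchronization solution that suits their needs and learn how to use PassXYZ Cloud for backup and synchronization.

PassXYZ Cloud has provided fairly complete cloud storage support since version 1.8.1. Earlier versions supported only OneDrive as cloud storage; starting with 1.8.1, common cloud storage protocols such as WebDAV, FTP and SFTP were added alongside OneDrive. With support for these protocols, users can choose public clouds such as Box and DriveHQ abroad or Jianguoyun (坚果云) in China, or personal cloud storage products such as Seagate's Personal Cloud or Western Digital's My Cloud.

This topic is covered in the following two articles:
1. Backup and Synchronization (1): How to choose the backup and synchronization solution that suits you when using a password manager
2. Backup and Synchronization (2): How to use cloud storage to back up and synchronize across multiple devices

How to choose the storage solution that suits you

Users of password managers usually weigh security against convenience to find a solution that suits them. Security is the most important consideration, but for long-term users the importance of convenience is self-evident. The main functions that cloud storage provides are automatic backup and synchronization. How can security and convenience both be taken into account? Let's look at the table below:

comparison

The table shows that the different solutions have different characteristics. Summarizing the storage methods gives the following three options:

  1. Offline storage: use the offline product PassXYZ. PassXYZ itself has no network access and is an offline application.
  2. Personal cloud or internal network: use PassXYZ Cloud only on the internal network. As long as the internal network itself is secure enough, the security of this option is similar to that of option 1. Configuring an internal network well, however, requires some understanding of network security; not every user can easily set up a highly secure internal or home network.
  3. Public cloud or internet: use PassXYZ Cloud with a public cloud. This is the most convenient and easiest option, but its security depends on the user's habits, which is why the table rates its security anywhere from low to high.

The summary shows that getting the best result requires, besides choosing a suitable solution, good habits and some knowledge of network security on the user's part. Most users who have not yet built up enough experience and do not know enough about network security are advised to consider managing their personal data by category.

Classifying here means sorting data by its security requirements. As a rough start, data can be split into a high-security category and an ordinary category:

  • High security, for example: banking, important public services (social security, housing provident fund, etc.)
  • Ordinary security requirements, for example: email, social media or everyday online accounts

Once you have classified your personal data, you will find that important data tends to have a long life cycle, changes rarely and is mainly looked up, whereas data with ordinary security requirements usually has a short life cycle and changes often. Based on this classification, important data can be managed with option 1 or option 2 and ordinary data with option 3. For experienced users, option 2 should be the best choice; if really necessary, option 3 can be used selectively alongside it.

Once you have decided on a suitable synchronization and backup solution, read the other article, “Backup and Synchronization (2): How to use cloud storage to back up and synchronize across multiple devices”, to learn how to use backup and synchronization.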



With the releases of PassXYZ 1.5.4 and PassXYZ Cloud 1.6.4, you can now use PassXYZ or PassXYZ Cloud to manage your one-time passwords. A one-time password (OTP) is used by many internet service providers as a security measure to improve the safety of user information.

In the past, I used both Google Authenticator and Microsoft Authenticator to generate OTPs for the respective accounts. Recently, I changed my mobile from an iPhone to an Android phone since I need support for two SIM cards. Thereafter, I found problems with both Google Authenticator and Microsoft Authenticator on the new Android phone. As there is no built-in Google Service on Android phones in China, I cannot install Microsoft Authenticator on my new phone. I tried to install Google Authenticator on the new phone. Even though I managed to install it, it seems that Google Authenticator cannot work well without Google Service.

Therefore, when I was working on PassXYZ development, I considered adding this function to PassXYZ. If PassXYZ supported OTP, I could also resolve another issue, which is the backup of the OTP setup. As you know, with either Google Authenticator or Microsoft Authenticator, if you change to a new phone, you have to set up all accounts again on the new device. However, with PassXYZ, the only thing that we need to do is to re-synchronize the database. That’s the reason why I have brought this feature to the new releases of PassXYZ/PassXYZ Cloud.

Two Factor Authentication and One Time Password

Two factor authentication, or 2FA, is the most frequently used multi-factor authentication method. In 2FA, besides the username and password, one more authentication factor will be used. The most popular additional authentication method used nowadays is One Time Password (or OTP).

There are two ways for the end users to get one time password during an authentication session.

  • Send an OTP through SMS
  • Generate an OTP using a hardware or software token generator

Hardware-based token generators were popular in the past, but they are gradually being replaced by software token generators because of cost. Hardware tokens are still used today in some applications. For example, the hardware tokens popular nowadays are for banking applications, like the one shown below.

digipass_hsbc

As we can see, these hardware tokens used by banks are more complicated than the commonly used time-based OTP. The common OTP solution for most internet service providers is time-based OTP based on RFC 4226 and RFC 6238, such as Google Authenticator. In this article, we will discuss time-based OTP based on RFC 4226 and RFC 6238.

Standard of Time-based OTP

For time-based OTP, the default standards are RFC 4226 and RFC 6238. They are used by major service providers, such as Google, Facebook, GitHub, Dropbox, Microsoft and Aliyun.

Most people may not know what RFC 4226 and RFC 6238 are. RFC means “Request for Comments”. It is used to propose a standard to the standards organization. Both RFC 4226 and RFC 6238 are proposed standards for OTP implementation. RFC 4226 is an RFC for event-based OTP, whilst RFC 6238 is for time-based OTP.

Why use 2FA

Why do we use 2FA? Because authentication based only on a username and password is vulnerable to attack. As you might be aware, about 50 million Facebook user profiles were affected by the data breach in 2018. You might have seen the message below when you logged in to your Facebook account.

facebook_2fa_02

Hackers gained access to the system by exploiting a flaw in Facebook, so that they could obtain the user database as they wished. One way to improve the safety of our account is to turn on multi-factor authentication. Like other service providers, Facebook supports both software-based OTP tokens and SMS-based OTP tokens.

Let’s take Facebook as an example to demonstrate how to enable 2FA to improve account safety.

Store Account Information in PassXYZ

Before talking about two-factor authentication for Facebook, you need to register a Facebook account first. Once the account is created, the best practice is to record the relevant information using a password management app such as PassXYZ. To save the Facebook account information, you can choose Facebook from the PassXYZ templates as shown below.

facebook01

After selecting Facebook from the above figure, you can see the screen as shown below which can be used to enter the account information for Facebook.

facebook02

The information that can be recorded includes the name used for Facebook, email address, password and mobile number. Any additional information can be noted in the “Notes” section. After filling in all the information, save the record by clicking the “Save” button at the top right corner. There are four buttons at the top right corner:

  • Scan - scanning QR code to setup OTP
  • Attach - attaching pictures or documents to the record
  • Cancel - cancelling the editing
  • Save - Saving the record

We will discuss the “Scan” button shortly.

Turn on 2FA

To turn on 2FA for Facebook, you can use a browser on your PC or laptop. Once you log in to Facebook from a browser, the setting for 2FA can be found in the “Security and Login” section as shown below.

facebook_2fa_01

As shown above, you can find an option “Use two-factor authentication”. By clicking the “Edit” button at its right hand side, you will see another page as shown below.

facebook_2fa_03

As you can see from the above screenshot, the preferred method is “Authentication App” as shown at the top. Other backup methods are available as well, such as “Text Message”, “Security Key” or “Recovery Codes” etc.

After choosing “Authentication App”, a popup window will be shown as below.

facebook_2fa_04

Now you can see a QR code on the left-hand side which can be used to set up the OTP in a software OTP generator. You can scan it using the “Scan” button mentioned above, while editing the account information for Facebook. Once you have scanned the QR code, you can start to use PassXYZ as a software OTP generator.

In the menu of PassXYZ, there is an “OTP” option which shows all the OTP tokens on one page. Please refer to the screenshot of the OTP page in PassXYZ below.

otplistpage

This page shows several OTP tokens at once, one row per service account. You can find “Facebook” at the bottom of the screen. Most OTP settings generate a new code every half or one minute. The timeline below each code shows the remaining time for the current code.

Recovery Codes

The Facebook 2FA setup offers some additional backup methods, as introduced above. One of them is “Recovery Codes”, a mechanism used by most service providers to prevent problems during login. For example, suppose that in an emergency you cannot receive the OTP through SMS because of a network issue. You can then use a recovery code to log in. Recovery codes are one-time passwords as well and are usually generated in groups of ten. You may keep them in the “Notes” section of PassXYZ, but make sure to remove each used code from the “Notes” once you have finished using it, since they are for one-time use only.

Beta testing of PassXYZ and PassXYZ Cloud

In order to get feedback for the new functionalities as much as possible, the beta test versions for both PassXYZ and PassXYZ Cloud are available at the app stores. The beta versions can be installed from the app stores as below:

iOS:

Android:

Windows 10:
The beta version for Windows 10 is available as well, but there is no test link as there is for Android or iOS. To join the beta test group, send the email address of your Microsoft account to our email address passxyz@foxmail.com.

Summary

We have introduced what two factor authentication is and the most frequently used two factor authentication method One Time Password. Based on the introduction, we explained how to use PassXYZ as a tool to record account information and to generate OTP. PassXYZ uses the same open source implementation of rfc4226 and rfc6238 as Google Authenticator. Thus, it can be used as the OTP generator for all the cases which Google Authenticator can be used. PassXYZ is a cross platform application which supports Android, iOS and Windows 10.

