Tusk KeePass password web browser extension

Martin Brinkmann
Jan 17, 2018
Firefox, Firefox add-ons, Google Chrome, Google Chrome extensions
|
15

Tusk is a relatively new web browser extension for Chrome and Firefox -- and also compatible web browsers -- that adds support for KeePass password manager databases in supported browsers.

KeePass is my password manager of choice. I have multiple reasons for that, for example, that I have full control over the data and that the software passed a security audit recently.

I don't need sync or autofill functionality, mobile applications or online storage, but KeePass supports that through plugins, third-party programs or browser extensions. Users who require the functionality can use these tools to add it.

Tusk browser extension

Tusk is a browser extension that loads KeePass databases to make the authentication data available on the Web. The browser extension does not depend on a local KeePass extension but loads KeePass database files directly from cloud storage or the local system.

One limitation of Tusk is that you do need access to a KeePass database. If you don't have created one in the past already, you need to use KeePass or a compatible application to create a database file.

Installation of Tusk is a breeze. The extension adds an icon to the browser's main toolbar that you interact with. The extension loads a "getting started" guide on the first run that walks you through the steps of setting Tusk up correctly.

What you need to do is load a KeePass database either from a supported cloud hosting service, a shared link, or the local file system. You may load a sample database file as well to test the functionality without loading one of your databases.

Tusk supports keyfiles. Keyfiles improve security of KeePass databases and add a second factor to the authentication process.

The loading of the password database is just the first step of the process. Once you have done so, you need to click on the extension's icon in the browser's toolbar, fill out the master password, and click on unlock the database. The extension remembers the master password only for a period. The maximum is 8 hours or until the end of the browser session.

Tusk does not have access to the database file until it is unlocked, and it is read-only which means that it does not get access to the cloud storage and does not manipulate the database in any form.

Tusk is a fork of CKP, a browser extension for Google Chrome. The main goal of the extension is to improve the user interface, offer better security, and support for the KeePass KDBX 4 format.

Tusk can auto-fill usernames and passwords on sites but there is no option to save data to a loaded database. It is an open source application; you can check out the source of the extension on GitHub.

Closing Words

If you use KeePass or a compatible program and like better browser integration, Tusk may be what you are looking for. The extension had a couple of minor hiccups during setup and use, but nothing major.

Now You: Do you use a password manager? If so which, and why?

Related articles

Summary
software image
Author Rating
1star1star1star1stargray
5 based on 5 votes
Software Name
Tusk
Software Category
Browser
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. XenoSilvano said on March 25, 2018 at 4:58 pm
    Reply

    I am already using the Kee WebExtention

  2. Clairvaux said on January 19, 2018 at 7:47 pm
    Reply

    The screenshot says you need to put your password database in the cloud. The text says it can be local. Which is it ?

    1. Hans van Meteren said on January 26, 2018 at 9:44 pm
      Reply

      See the scroll bar to the right and look at te page itself.

  3. Timson said on January 19, 2018 at 8:52 am
    Reply

    All such browser extensions completely defeat the point of offline (non-cloud) password databases. Because you DO entrust all your passwords to a cloud – Google Chrome Store in this case.
    Any person acquiring access to developers Google account (or developer himself) can in no time deploy the malicious version of the extension on all machines using this via Chrome Store update push, sending all databases with keys to the attacker. Or they can access them selectively to avoid detection.

  4. clas said on January 18, 2018 at 1:37 pm
    Reply

    Password stuff is always a good topic. Martin, i agree with your choice. keepass or password safe. for me, the cloud is not an option for financial or password related stuff. maybe music or movies but nothing really important. and there is not a browser that i really trust so no password addons for me…copy and paste is plenty quick and clipboard is cleared with minimize. a well-thought-out set up. always appreciate your blogs. Clas

  5. Belga said on January 18, 2018 at 1:22 pm
    Reply

    I don’t need this too and use Keepass in local (considering that I forbid myself to use the cloud for anything).

  6. Analyst said on January 18, 2018 at 1:19 pm
    Reply

    Doesn’t this defeat the point of keeping your KDBX offline? Away from your hijacked web browser?

  7. Robert said on January 18, 2018 at 6:36 am
    Reply

    Tried it and it doesn’t seem to have the ability to use a local file. If I have to upload my keepass db to the cloud, what’s the point of Tusk?

    The only local options was in chrome app data (one time!!) ? So the cloud is the only option?

    Well, that’s great…nothing ever happens to data on the internet right?

    For the time being keefox seems the only (albeit lousy) option.

    1. Cloudman said on January 19, 2018 at 12:53 pm
      Reply

      Settings > manage database > file system

      1. Robert said on January 19, 2018 at 10:23 pm
        Reply

        Sure, to Chrome local storage. No one would ever upload it from there without the use know it right?

  8. mastad0n said on January 18, 2018 at 2:10 am
    Reply

    It’s a good addon and the creator is a nice person.

  9. Brandon said on January 18, 2018 at 12:38 am
    Reply

    Please also note that Tusk is a derivative of CKP, but has patches and design changes that keep it from being vulnerable to https://subdavis.com/blog/jekyll/update/2017/01/02/ckp-security-flaw.html

  10. Ed V said on January 18, 2018 at 12:31 am
    Reply

    I have downloaded and intended to use KeePass several times, but have been intimidated by not really understanding how to set it up and use it.

    Do you have a recommendation for a clear, concise user guide to Keepass?

    Like you, I prefer to control my own date, but might wish to avail myself of sync, autofill, mobile acesss, and even or online storage. But that’s another level of complexity (intimidation) I’ve been put off by.

    I’m sure if I had someone to walk me through it, it would be easy. Without that, a comprehensive user guide or walk-through would be wonderful.

    Thanks for all your great posts!

    1. Clairvaux said on January 19, 2018 at 7:44 pm
      Reply

      I agree Kee Pass looks intimidating at first sight. My advice, though, is to overcome this first impression. You don’t need to use all features, far from it. Create a password database, create a few passwords (never mind the options), and you’ll soon master the basics.

    2. TS said on January 19, 2018 at 6:36 pm
      Reply

      Honestly, just import your passwords and play around with it. That’s all I did. I installed KeeFox and pointed it towards the local file. Then I added it to my Dropbox and pointed KeeFox to that.

      KeePass has a lot going on under the hood. I got tired of manually updating my passwords for all the subdomains for my work, since they were the same.
      For example, tickets.domain.com, mail.domain.com, and testing.domain.com are all using the same username and password. So I ended up googling if there was a way to link to the passwords and there is. Import and just play around is the best advice I can provide.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.