Own Your Own Credentials with Buttercup Password Manager
Xander Smalbil Mar 29 '17
Let's start by saying: Hey folks this is NOT sponsored content! So keep on reading, knowing that I just want to share something I discovered today. Mind that this is not a scientific article and probably contains a lot of fallacies and other stuff that will be turn your stomach around.
UPDATE(11/04/2017): Local archives will be added soon
Companies can't be trusted
This does not mean that companies are evil. It means that there companies like LastPass are potential goldmines for hackers. Therefore we have to consider that there might be chance that they will get compromised. Just the times we live in.
If the argument above does not satisfy, then maybe skip it and pretend it says "Network connections can't be trusted". Whatever argument you need in order to try something new, will work. I just really wanted to have something locally and something other then Keepass.
While I was looking for a way to store my credentials without having to resort to some company-managed passwordmanager(LastPass, Dashlane, LogMeIn, etc), but I also do to be able to share these credentials with my team.
Some of you might be using Keepass or something similar. In this article I would like to show you something that looks sexy and supports Keepass import. So if you like what you read here and you want to try Buttercup, you can import your Keepass keys into it.
"The Password Manager You Deserve."
Buttercup.pw is an opensource password manager which stores your credentials in archive files that can be stored wherever you desire.
It has a desktop app in which you can view and edit your credentials and a companion Chrome browser extension for easy acces when logging into your online services.
The browser extension supports the following password archive sources:
It is a shame that some local source is missing, but we can hack around this problem by selecting WebDAV and setting up a local server using Laravel Valet.
1. Install Buttercup's desktop app
It can easily be installed through Homebrew. There is also a link on the homepage of Buttercup(or click here).
Open up the terminal and type the following at the prompt:
$ brew cask install buttercup
2. Install Buttercup's browser extension
To be able to fill forms with your stored credentials, you need to install the browser extension. You can do this through the
chrome web store
3. Install Laravel valet
Just follow the instructions in the Laravel Valet documentation.
4. Create a WebDAV folder
Go to the folder in which you mounted Laravel Valet and create a new site.
In my case I have a Code folder in my user directory. There I will create a new site called
$ mkdir ~/Code/buttercup
We need to add a
public folder and create an Buttercup archive and an
index.php in it. The index.php is needed, so that the server won't give a 404 response while connecting.
$ mkdir ~/Code/buttercup/public && touch ~/Code/buttercup/public/index.php
5. Secure WebDAV with a password file
Run the following command to add a password file in the public folder, which is needed to establish a connection through the browser extension:
$ htpasswd -c ~/Code/buttercup/public/passwd.dav your_username
You can change 'your_username' to whatever you want. After you did this, you will be asked to enter a password. Do this and you are done.
6. Create a local password archive
Now open the Buttercup desktop app and select
New archivethrough the menu. Store this archive in the
You will be prompted to add an master password. Do this.
7. Connecting to WebDAV using the browser extension
Open Chrome and go to Buttercup's extension's settings.
- Click "Add archive"
- Select "WebDAV"
Fill in the following information:
|Label||Fill with this|
|Title||Some smart title|
|Archive password||the master password you've chosen(see step #6)|
|WebDAV address||https://buttercup.dev (see step #4)|
|WebDAV username||the username you entered(see step #5)|
|WebDAV password||the password you entered(see step #5)|
|Remote archive path||filename of the archive. In my case
Connect and all should be connected. You can open the desktop app and add credentials, which will be available through the browser's extension.
I am going to try this out for a while and see if it grows on me. At this moment it feels like a great tool.
Have fun folks.