This page looks best with JavaScript enabled

How-To create a Keybase account

Creating a Keybase account is simple but there is one step most users are skipping …

 ·  ☕ 6 min read  · 
❄️ ᜌᜓᜃᜒ (Yuki)
Fediverse Follow

Freedom, anonymity, privacy, & security, are the most important part of our lives, and this is especially true today as we move faster into the digital world. We need to secure our online communications to prevent anyone from listening. We need to prove the identity of the other person we are working with. We need an easy way to use encryption to keep private data from being seen by unauthorised individuals.

There are various software, apps, services, available which offers one, two, or maybe three features mentioned. However, there is one which is largely ignored, that is Keybase.

What is Keybase?

To put it simply, Keybase is a tool which makes it easier for regular users to do encryption and signing. Private stuff stays private. Accounts are secure against spoofing, phishing, and scamming. It also helps in establishing which online accounts are officially owned by a Keybase user, effectively nullifying online attacks through impersonation.

  • Accounts: Keybase accounts are trustworthy and secure.
  • Chat: Chat with friends and family. Share photos, videos, and top secret documents.
  • Files: Individuals get 250 GB while Teams get 100 GB of storage, both free permanently. Anything you add to Keybase Files is automatically end-to-end encrypted and signed by you. When a file is signed by you, your private key is used in the encryption. When it's decrypted, your recipient knows for certain it came from you. Rest assured, they won’t be able to see or guess your private key.
  • Teams: Use Keybase Chat, Files, and Git with groups of people, all end-to-end encrypted. What you and your team share, store, and commit stays between you and your team.
  • Sites: Build and host a simple website.
  • Wallet: Send, receive, and exchange funds.
  • Git: Create and share private repositories.
  • Tools: Encrypt, decrypt, sign, and verify messages and files.
  • Privacy Only your intended recipients can access what you share and store on Keybase. No one else can access your data—not even Keybase, which also means we can't and won't ever sell it.
  • Security Your Keybase account is protected by public-key cryptography. Your devices are cryptographically linked to your account, ensuring that only you can access it. Proofs and following help ensure that you’re really you on Keybase. They’re backed by public-key cryptography.
Keybase Book

In other words, every person who takes their freedom, anonymity, privacy, & security very seriously must have a Keybase account.

Let’s get you started with Keybase

The first thing to understand is registration through a web browser is not possible by design and for security reasons. New users must download Keybase which is available in GNU/Linux, Android, iOS, and Windows: download Keybase here.

* We’re using Keybase for Android below, the process is the same regardless of platform.

  1. Launch Keybase
  2. Click the "Create an account" button
  3. Pick a username. Mandatory; public; permanent
  4. Name this device. Mandatory; public; permanentThis can be any name/label useful for you to identify which device (laptop, desktop, server, phone) you logged-in your Keybase account.
  5. Phone number. Optional; private Used to help other people find your Keybase account.
  6. Email address. Optional; private Used to help other people find your Keybase account.

Congratulations! You have successfully created a Keybase account and have taken your first step in establishing a way for others to prove your online identity beyond any reasonable doubt as well as to chat, share files, collaborate with your team, with a peace of mind everything is automatically end-to-end encrypted and signed.

Create a “Paper Key” for recovery

Establishing a way for others to prove our online identity, chat with family & friends, and collaborate with teams, would be practically useless if we later can not login our account. In Keybase, each [re]-installation is considered a “new device” regardless if it was exactly the same device used.

What is a “device”?

A “device” in Keybase is simply an access point or a “device” where an account is logged-in.

Registering each devices creates another security layer, if a phone was stolen one can simply “Revoke” the device. If for some reason the account was not automatically logged-out, any actions made from the “Revoked” device is automatically invalid.

Let’s create a new paper key.

  1. Go to the "Hamburger Menu" (lower-right corner in Android and iOS)
  2. Click "Devices"
  3. Click "Add a device or paper key"
  4. Click "Create a paper key"
  5. Wait until the random words (a.k.a. paper key) are generated Write your paper key down and place it somewhere safe and fully secure. This can be in your bank stash where only you can access; or in a 2048-bit encrypted file which only you knows how to decrypt and where the encrypted file is located.
    Never ever leave it where anyone can easily find it. If they know what it is for, then they know how valuable it is.
  6. Tap the switch button "Yes, I wrote this down"
  7. Click "Done"

What is a “Paper Key” for?

A Keybase paper key is technically a “device”. It’s main purpose is to give the account owner a way to confirm a “new device” if a registered literal device is not or no longer available.

Many new Keybase users skip this step, uninstalls Keybase, and later can no longer login because they are stuck in the “new device” process. Without an existing device logged-in to Keybase you can not confirm a “new device”. A paper key acts as an “existing device” to approve a “new device”. The used paper key can be optionally revoked and a new one created (a very good practice); or create a new paper key every three months (an even better practice).

There is another way to recover a Keybase account if a paper key is not available. The catch with this method is your Keybase account will be reset back to start, all confirmed online accounts, domain names, devices, teams, followers, following, will be removed; it is as if you created a new account. The reason behind this is if you no longer have access to any of your “devices” (including your paper keys if you created any), then it is assumed all of your devices were lost and/or compromised.

Welcome to Keybase! Before you start exploring Keybase, noticed how you were not asked to enter a password/passphrase? It is only used if you want to login via a web browser—which is not advisable—and if you prefer to auto-logout when you close the Keybase app (an added security; if you reinstalled Keybase it will be considered a “new device”). We will discuss this another day.

Did you like it? Do share this post, leave a comment below, and send me a gift! (opens in a new tab/window)

comments powered by Disqus