14/10/2011: Review: KeePass Password Safe

Friday, October 14, 2011 by Matt Woodward | Taxonomy: , , , , | 1 Comment

Keepass - Password Management SoftwareI thought I’d share a review of one of my favourite pieces of software, KeePass! This software is essentially a password manager which allows you to store you passwords safely within an encrypted file; think of it as the digital version of your black book that you’ve been keeping “safely” in your draw at home or in the office – but a lot safer and completely free!

KeePass takes all of a few minutes to install. The premise is that you create a password database file (*.kdb / *.kdbx extension) and specify a strong master password to allow you access to the database and hence all of your passwords.

KeePass supports a number of features to enhance password security:

  • Master Password transformations (under File > Database Settings > Security) to further strengthen your master password’s security and reduce the risk of dictionary attacks.
  • Password generator – to create passwords for you. Combine this with the auto-type feature and you can always use strong passwords without a need to remember them – awesome!
  • Run-time memory protection (i.e. encrypting your passwords in your PC’s memory when you copy them from KeePass). This prevents other applications from accessing your password.
  • Password Change recommendations & enforcement (to ensure your passwords are changed regularly)
  • Clipboard auto-clear (to automatically remove passwords from your clipboard after a certain number of seconds)
  • Automatic work-space locking  (i.e. automatically password protect KeePass when you minimise it, or lock the computer)
  • and plenty of others, read here for more.

One of my favourite productivity features that KeePass provides is an auto-type feature which will automatically type your user name then send a <tab> then type your password, send another <tab> then hit <enter> for you. Meaning all you have to do is give the initial password field focus (i.e. click in it) then right-click your password and choose Perform Auto-Type to be logged in – easy peasy!

KeePass makes using strong passwords easy and gives you the ability to organise and manage your passwords effectively for both individuals and teams.  I have found this software ideal for both home and office use (especially in companies where storing passwords in your browser is against IT Policy) and thoroughly recommend you check it out.

Enjoyed this? Then why not follow us on Twitter @FairGoSolutions, subscribe to our RSS Feed or use a Trackback.

One response to “Review: KeePass Password Safe”

  1. As an aside, you should bear in mind that the master password alone shouldn’t be your only protection here (i.e. ensure you store the file in a secure location) but as long as you choose a strong password you’ve taken a good step forward from relying on that little black book! Consider the following strong password guidelines:

    – The password should be at least ten characters long (this is a master password so 6 characters just wont cut it!)
    – The password should contain characters from at least three of the following five categories:

    – English uppercase characters (A – Z)
    – English lowercase characters (a – z)
    – Base 10 digits (0 – 9)
    – Non-alphanumeric (For example: !, $, #, or %)
    – Unicode characters

    To give you an idea think of the following combinations to get you started:

    – A favourite board game combined with a 4 digit year, a capital letter and a special character e.g. Monopoly2004$
    – A favourite holiday destination with some letters substituted with numbers, some capitals and including a special character e.g. Lo5Ang3l3$
    – A favourite lyric including a year, some capital letters and a special character e.g. B00mB00mShakeTheRoom1990%