The next password manager in The Tech Herald’s series of reviews is KeePass. KeePass could best be described as a small and portable warehouse for your passwords. We took KeePass 2.08 for a spin, with the goal of working out why this little application is so popular and so recommended. Here’s what we discovered.
KeePass is not the end of all be all password management software, but for a free app, the OSI (open source initiative) is certified, there is a lot to ensure that the program useful and small. In all honestly, this is a killer little application. Installing is optional took 41 seconds from beginning to end.
However, no installation requires KeePass is designed. It can run from a USB drive or on a Windows desktop without installing a single thing, so there is no registry keys, no INI files, nothing. Platform-wise, KeePass is X, iPhone, PalmOS, BlackBerry, Android, J2ME devices on almost all Windows and Linux OS available. Once the installation is complete, the first thing you need to do is create a database.
This process is straightforward and begins with the creation of a composite master key (CMK). As with most of password manager this CMK at the end will need the password you will remember. Strength as the common advice in these checks is so important.
However, KeePass offers some layers to the CMK. Aside from a password you can also use a key file, as well as the Windows user account to boost control and security over the KeePass database. You can use any one of the options for the CMK or all three, as well as a combination of the three.
Key Files can be created by KeePass, however if you use them, make sure they are stored securely. If they are ever lost, then the KeePass database and all of the passwords stored within are lost as well. There is no backdoor or recovery.
If you use the Windows account option, you can access the KeePass database only with the account that created it. Changes to the account will not hinder access; however, removal of the account will mean the KeePass database will no longer allow access.
KeePass recommends using at least two options for the best security and warns the Windows account option only. It should be noted for the tech Herald review can we only the master-password option is this, because the contribution, password manager reviews are like all we will carry out, security design, usability and platform coverage to general application.
Once the database is created, everything you need to do is add account information, save your passwords. How to save it and manage it is up to you. There is space within KeePass, to the placement that customize organization and access to each account. You can sort groups for different accounts and browse and add in each account for the automatic filling in detailed information can be forms used. In most cases, the process easy, but if you need help, much like the documentation and resources for RoboForm KeePass has a wealth of information online. You can access this help from the database with the various help links.
There are four things you will need for each account: a title, username, password, and URL. If you add just those four items, you can right click the item within the database, launch the URL in your browser and with another click automatically login to the page.
You can also drag and drop fields from the database into the Web form, so there are several ways to use the stored information. Also, if you need to see the passwords stored in the database for any reason, the field masking can be disabled with a single click.
The process to setup groups and accounts takes some effort. While it’s simple to do overall, if you intend KeePass to manage several accounts, it might take some time to get everything entered into the database.
Another point to note which is the password generator. This small tool creates some great random secure passwords for use on your different accounts. Because some effort spent adding new accounts of the KeePass database, is one thing the trouble might be worth changing your passwords as you add them. For example, if your Yahoo password “Bubbles” then instead of sticking with, you add the Yahoo account to KeePass, use to create the generator to a stronger password and save. The image below shows the generator but more detailed information.
Now, there are some drawbacks. The largest drawback being that you need to install plugins before there is any browser based functionality. However, the fact that there are plugins that add functionality can also be seen as a bonus. The time spent adding and sorting new accounts is a bit of a hassle, but worth the effort at the end of the day.
Overall, KeePass is affordable, it has a strong support system thanks to an avid community of developers and users, it does exactly what you need it to without overcomplicating things, and it can be used anywhere making it universal. Considering there is no cost at all, download it, and see for yourself.
You can get KeePass from http://keepass.info