Keep All Your Passwords Safe With KeePass

toggle-button

KeepassHow many passwords do you have? I have literally hundreds. You probably have loads too. Or maybe you don't, because you use the same password everywhere. Which is, of course, a really bad idea.

Finding a way of keeping all your passwords stored safely isn't easy. You can write them down in a book, of course, but you need to be careful where you keep it. Unbelievably, it's actually possibly to buy password books, complete with a cover that says Internet Password Book in great big letters! Needless to say, I don't recommend them.

If you really insist on writing down your passwords, there's a different sort of book you can buy. Have a look at https://www.amazon.com/Safe-House-Internet-Organizer-Disguised/dp/150553... for example, which is a book available from Amazon that looks like a conventional novel but is really a heavily-disguised place to write down your passwords! Clever, eh?

But if you want to use software to keep your passwords safe, and you want to do it for free, then KeePass is what you need. It's a password organizer for Windows that keeps all your usernames and passwords safe in an encrypted database. All you have to remember is the password for the database itself, and the software then protects everything else.

KeePass is open source, portable, and is a 3 MB download from http://keepass.info. You'll want the Professional version (2.x rather than 1.x), which is still free. It's also malware-free according to VirusTotal and Web of Trust.

The latest release was launched just a couple of weeks ago, so if you're already a user of KeePass but haven't updated recently then you should probably do so.

See alsoKeePass: An open-source and cross-platform password manager works without any limitations

 

Please rate this article: 

Your rating: None
4.47059
Average: 4.5 (17 votes)

Comments

Thank you for your answer to my question about WOT. I had forgotten about the forum. I'm old(er) so sorry....

I used to use KeePass Safe, but now I use Password Gorilla ( http://www.zdia.de/downloads/gorilla/ ). It is cross-platform for Linux/Windows/and Mac OS X - Source Code available.

I find it to be more useful. You can organize passwords into groups (For Instance: "Web Sites" / "Mobile devices Logins" / "Network Logins" / "MySQL Database passwords" / "Desktop APPs") - and sort on the groups, generate passwords with several options, edit, and add comments to passwords. You can even merge two databases together, which function I use to quickly update older databases, with the latest passwords in the newest database. The Database Merge function also has a comprehensive Conflict Resolving scheme.

The built in help is very detailed. Please, do check it out! I hope you find it as useful as I have found it.   C. Mc.

Regrettably it doesn't seem to support Android and I can't use it on the move. My current choice Keepass and Lastpass, the former includes banking passwords and the latter doesn't.

Yeah, my bad. I removed "Android" from the list of platforms supported after I saw this: https://github.com/zdia/gorilla/wiki/Gorilla-for-Android

https://github.com/zdia/gorilla/wiki/Gorilla-for-Android-(GUI) (It is still a work in progress.)

It is one of the better 'free password safe' offerings for Mac OS X users, though. (If not the Best.)

KeePass is really good stuff. It's local, rather than a web app controlled by somebody other than me.

With KeePass you can use a different password on every site reasonably easily. Back when Adobe was cracked, all I had to do was change that one password.

Its container file is protected by strong crypto, so use a good passphrase.

I use it with a free Dropbox subscription, so the container file shows up on the various computers I use.

There's also a plugin for syncing the encrypted container file to AWS S3, which I use to back it up.
Highly recommended!

I have a problem with Web of Trust. Firefox stopped using it and I have to use an old version, but that is not why I am writing this. I see lots of sites use it to test software. How is this done? I use VirusTotal all of the time but I am flabbergasted about software sites using WOT to test software. I thought, up til now that they just rated web pages. So, what's up with this?

There are better places to ask this question:

  • In an article that relates to WOT.
  • In the site forum.

KeePass+Firefox+KeeFox
Absolutely fantastic!!

Additional cross-platform info regarding Keepass: There is a very good implementation of Keepass for Android called KeepassDroid. I store my Keepass database in Dropbox, which makes my passwords available to me on all my platforms: desktop, laptops, tablets, and phone. And now that Android apps run on ChromeOS, I have my passwords with me on my Acer R13 Chromebook, too. Problem solved.

I'm satisfied with LastPass, which is secure, viable and synchonized across all the different platforms (desktop, laptop, cellphone) that I use, so why is KeePass better?

I have used KeePass for quite a while and recently switched to LastPass and am now in the process of switching back. Main reason for me is that I typically have a large number of tabs open and many of them will contain forms which do not have passwords (I am a web developer) - I found LastPass to be very slow as it seems to look at fields on every page and insert code to enable itself when it is not needed. But for more general use it is I guess fine. The other slight drawback is that we like to give our children the password to our password "safe" - with KeePass anyone who manages to get the password from them (not sure how securely they would keep the "safe" pass) would then need to get access to our devices which for anyone except the children would involve theft. With LastPass all our passwords would be available to anyone who obtained the LastPass username/password.

What we did was create LastPass accounts for each family member. I can then share passwords with them and even not allow them to see the password so it can fill in login screens for them but not disclose the actual value. I can also then revoke that share if needed.

LastPass can be a pain sometimes filling in values where not needed, trying to be helpful.

I'm the only user, as I have no kids or spouse with whom the master password must be shared (and I don't reuse the LastPass master password for anything else).

I have used KeePass for years. I do use LastPass however I keep a backup of it in KeePass. I also do not keep financial logons in LastPass. I keep those in KeePass for added security since it remains local. Also, KeePass can be used on both Windows and Linux which works for me. The KeePass team continues to work on improvements as well. Also, it is portable so you can keep it with you on a USB drive.

I did use this a fair amount at one point. But I decided to move to lastpass about 3 - 4 years ago. I even used keepass along with lastpass once because, lastpass was only free to use on the desktop, but now it;s available to use on all platforms for free. So now I had ditched keepass altogether.

Ditto. You haven't mentioned all the good features such as the ability to script for the typical bank login, namely, supply username and password, then on next screen pick characters 3,6,9 in drop down boxes. Also there is a chromebook extension that will use the keepass database so you can use the keepass passwords on a chromebook. You still need a real PC to edit the keepass entries but at least it is possible to use a chromebook to login to your banks etc.. Note that the chromebook app is rather limited and just does username and password automatically. More complex logins have to be done by hand after using the app to look up the values needed for a dropdown, or using copy/paste for complete words.

Great software. Have been using it since years now.