Useful Utils #3 – Keepass

Passwords, pin numbers, keycodes and pass phrases. The bane of modern life. Bill Gates might be wanting to do away with them with InfoCard, but its going to be a little while longer until we have that pleasure. In the mean time we have to deal with password overload.

And thats where Keepass comes in. Its bloody brilliant. I stumbled across it a while back whilst looking for something completely different on SourceForge. Previously I’d not bothered with a password manager and kept a list in an Outlook task… hardly an ideal solution.


The main interface is pretty slick with a standard Outlook style layout. Tree view of password groups on the left with their contents in a grid on the right.

Storage wise passwords are kept in a custom format database file that can be password protected and linked to a key-file for extra security. There are two encryption options, AES 128-bit or TwoFish 128-bit. The resulting database is very small and portable. I tend to keep it on a pen drive so I’ve always got it with me.

You can also create various folders and groups to store passwords in. The option to assign different icons (the program comes with over 50) is a nice touch and really helps navigation.

Entering passwords is very easy using the dialog shown below. You can pick the group / folder you want to store it in along with an obvious title for it. The Notes option is also a great idea. However the really cool thing here is that it shows the strength of the password you’ve entered.

KeepassAddEntry KeepassPassGen

It has a built in password generator, as shown above, but you can click the Generate button located bottom right to give you the option to create a password off random mouse or keyboard input. I like the mouse input option :).


It would all fall down though if you couldn’t find what you entered, and Keepass doesn’t disappoint here either, it has a very quick search option that looks in all fields. Once you’ve found what you’re looking for there are options to copy the user name and password to clipboard whilst you login to a site. By default it is set to blank the clipboard after 10 seconds. There is an option called Perform Auto-Type that will actually try to enter the user name and password in an open web browser window, but it only really works with Internet Explorer.

Keepass can also be set to lock itself (so people can’t look at your passwords if you leave your machine unattended) if you minimise it or after a certain amount of time. The help file doesn’t appear to miss anything either. Its a very stable and feature rich piece of software. Best of all because its Open Source, its free!

I’ve found that I tend to have about 5 main passwords I can remember, that I use depending on importance. For everything else I use the password generator in Keepass. Lets hope I don’t lose my password database!

I’m also interested in what other passwords managers people use since there seems to be a ton of them out there!

Brave soul installs 100 Firefox Extensions

The Superbrowser is not quite what I would have called it. I wonder how many bytes he had left out of the 4GB of memory he would have needed to do that. *snigger*

As a test to see if it was possible thats great, but I was dismayed to see in the comments that lots of people run with tens of extensions installed! How can they need that many? I tend to work on the basis of installing as little as possible and that a program should cover the majority of the functionality I need. Thats not to say I don’t have any Firefox extensions installed, but they amount to less than 10.

Microsoft Employee sleeps homeless as an Experiment

Whilst catching up on my blog feeds, a post by David Dehghan caught my eye. He decided to try a night sleeping rough to help him get a better understanding of life for homeless people. I have to say I admire his guts but its not something I’d be willing to do.

His account is currently split into two parts (Part One and Part Two), with a third coming soon. As he says its not a realistic experience of being homeless because after all, he has a home to go to. But I am curious to see what he has to say and perhaps more reasons as to what prompted him to do it.

David’s experiment reminded me that last weeks Economist had a very interesting article about the homeless in Moscow. Its pretty hard hitting:

On the wall of Andrei Pentukhov’s office is a large map of Moscow. Black marks are scattered across it, clustering especially around the railway stations to the north-east of the city centre. Each black spot represents a person found dead of hypothermia in the streets. Mr Pentukhov, who works for the municipal social-services department, explains that hypothermic corpses turn up even in August, after drunks tumble into puddles. Most of the black spots, however, appear on the map during the winter. Muscovites have a name for the bodies that emerge when the snow thaws; they call them “snowdrops”.

It goes on to mention that a large source of the homeless in Moscow are migrants looking for work. One particularly sad story is of an migrant worker who was clearing snow off the roof of a building. Unfortunately he fell off the building because there was no safety equipment. The Police turned up to see what had happened. They decided it was best to leave him to bleed to death in the snow. 40 minutes later an ambulance turned up. Whether he survived or not is unknown.

It makes you realise how lucky we are, by virtue of the fact I’m writing this and you’re reading it means we have access to a computer and so must be well off. Definitely food for thought.

Edit: It appears the Economist article needs a subscription to view, so here it is as a text file.

Couple of films

The Wife and I watched a couple of DVD’s yesterday. Wallace & Gromit in The Curse of the Were-Rabbit and Domino. Both of which I wanted to see at the the cinema but never got round to.

I’m a big fan of animated movies and if it wasn’t for a D in GCSE Art things might have been very different. Anyway, I really enjoyed Aardman Animations last feature film, Chicken Run (and the previous Wallace & Gromit shorts), but this just didn’t grab me in the same way. Don’t get me wrong the animation is fantastic. The sets are stunning in detail and they’re all beautifully lit. The problem was I’d sussed out early on what was going to happen. Worth a watch if you like animated films, but not a must watch. 

Domino is based very loosely on the life of Domino Harvey (played by the yummy Keira Knightley), a model turned bounty hunter. Its directed by Tony Scott who has directed some of my favourite films, such as Spy Game and True Romance. Actually you’d be hard pushed not to have seen one of his films, to name a few: Enemy of the State, Crimson Tide, The Last Boy Scout, Days of Thunder, Beverly Hills Cop 2 and Top Gun.

The film takes place as a series of flashbacks being told by Domino from an FBI interrogation room. Its fast paced and a tad violent :). The story is a little complex and took me a while to work it out, but I like that because it makes you think which makes you more engrossed. I wasn’t quite so keen on some of the quick editing and fast camera movements, but it wasn’t enough to be put off. Mickey Rourke puts in a good turn as Ed Mosbey, Domino’s boss. Christopher Walken also makes an appearance (I’ll watch almost anything he’s in just for comedy value alone, I tend to laugh at whatever he does). Oh and the Jerry Springer segment was hilarious. Overall, very good stuff.

Wrestling with MediaWiki on Windows

I’m in the process of setting up MediaWiki at work (the engine used for WikiPedia) as a test to see if we can use it for our documentation and manuals.

I hit a few problems along the way though, mostly down to inexperience with the software and not RTFMing. For reference I was installing the latest version of MediaWiki (1.5.6) on a Windows 2000 Server box (IIS 4 installed) with PHP 4.4.2 and MySQL 4.1.18. I had three main problems:

  • MySQL / PHP Old Password problems
  • Windows Access Rights / Permissions
  • Bugs in MediaWiki due to PHP on Windows working differently

I’ve hit the MySQL / PHP password problem quite a few times due to college stuff I’ve been doing but never got round to documenting it properly (I have now!). The usual error message you get back from PHP is Client does not support authentication protocol. Basically the problem is that MySQL now uses a new method for password encryption and PHP isn’t compatible with it. I find it a real pain in the backside that they’ve managed to engineer this kind of cock up. You end with passwords being stored that can’t be read properly.

To stop it happening you need to add old_passwords to the [mysqld] section of my.ini. Then restart the MySQL service for it to take affect. If you’re unfortunate enough to end up with broken passwords, the fix is to login to your MySQL database, work out which ones are using the new method and manually fix them. Like this:

  • Get list of users affected: SELECT Host, User, Password FROM mysql.user WHERE LENGTH(Password) > 16;
  • Fix their passwords (one at a time): SET PASSWORD FOR ‘some_user’@’some_host’ = OLD_PASSWORD(‘newpwd’);

The access rights were totally down to me not being awake. I’d remembered to set up script access in IIS, no problem, but I forget everytime to add the correct IUSR_MACHINENAME permissions. You have to add the local machines internet user to have different permissions to various folders (mostly just read access to the entire site, but write access to the images subfolder if you want to upload) and I must have been asleep, because to start with I was assigning the domain controllers IUSR and was wondering why it wasn’t working (by default Windows gives the user list of those on the domain, I should have selected the local machine). Once I got my brain into gear, after about 5 cups of Rocket Fuel, I got round it. 

At this point I was still getting errors on various pages with a PHP blurting out something along the lines of Undefined index REQUEST_URI. Turns out that in PHP for Windows you need to use SCRIPT_NAME instead of REQUEST_URI… obviously. So a bit of search and replace through the MediaWiki source code sorted that out (there were about 5 files).

After which, all was fine and dandy! Now I just need to get my head around how the system works!

Relevant Links:

Syntax Highlighting

Got hold of a neat little WordPress plugin by Matthew Delmarter for doing syntax highlighting on PHP, HTML and CSS. Why you ask? All will become clear later. Anyhoo, heres what it looks like:

// remove session varibles, not needed anymore
if (isset($_SESSION[fOrderToken]))

I’d previously looked for one but none where WordPress 2 compatible. This particular plugin is dead easy to install and activate but is a pain for getting code to display properly. You have to use the raw HTML editor in WordPress and surround what you want to highlight in tags. Not exactly rocket science, but I use BlogJet which does have a raw HTML view, but it makes such a bollocks of it, its not worth the hassle.

Other than that though, its pretty good. Might make some tweaks to it to make it more BlogJet friendly!

Edit: It appears to leave trailing lines / br tags, bugger.

New Olympic Event!

Scott Adams is onto something here. An Olympic Swearing event is something I’d definitely tune in to watch. I don’t tend to watch either the Summer or Winter Olympics since I find them a bit pointless and boring to watch… although I did manage (how I don’t know) to watch the women’s curling final last night. Sweden won against Switzerland, 7-6.

Getting back to Olympic Swearing, I think its something that England, for a change, would have a good chance of winning! Given how expertly we can string together expletives, I’d go as far as to say we’d take Gold, Silver and Bronze! No one else would get a look in. However, in the spirit of goodwill, I offer the following two sources to help other countries get up to speed. Roger Mellie’s Profanisaurus (NWS) and ProfaniWiki (NWS). Enjoy!

One month on…

Just over a month ago I started this little old blog and I’ve managed to update it nearly everyday with a total of over 40 posts. I’m surprised actually that I’ve been able to write so much drivel in such a short space of time. 

The main reason for doing this is because I want to improve my writing. I’ve never been particularly good at it and the only way to get better is to practice. Ok, so its a more chatty, informal style of writing but its a step in the right direction.

There are also a few blog related things I’m interested in exploring. One in particular is what search engines pick up on and what kind of content people search for. The Citrix articles have been popular, as has the WordPress editor error I had. Its a pity I didn’t have a fix for that since it is a pretty useless post. Might be worth following that up.

Its odd actually what people search for. “punch an enemy” was one such entry. What were you looking for?! I was also dismayed to find that blog spammers not only post sh*t to your blog but then search it a few hours later to see if their posts have gone through! Cheeky bastards!

I’ve realised the power of blogs from a first hand perspective. I didn’t expect feedback about TopDesk, but that serves me right for leaving a pingback on Scott Hanselman’s blog (it wasn’t me, it was WordPress!). I am interested to see where it leads though, I’ve left some further comments and not gotten a reply (yet).

All in all, a fun first month. So heres to another month!

Grrrr Google

I’ve tried to sign up to two Google services in the past week, Google Analytics and Google Page Creator. Both times I’ve had to sign in (using my Google / Gmail Account) and then been told:

blah blah has experienced extremely strong demand, and, as a result, we have temporarily limited the number of new signups as we increase capacity“.

I’m then asked for my email address… which I just gave for the login… so I can be notified when they’re accepting more peeps. Why even show the damn login if thats the case?!

Edit: The Google Page Creator now shows the heavy demand note below the login (its not visible enough though, needs to be bright red and yellow flashing).

If anyone has invites for Google Analytics I will gratefully receive them :).

Boycott the next Bond film?

The BBC is reporting that fans threaten to boycott the next film, a remake of Casino Royale (except its not apparently), because of Daniel Craig as the new Bond.

I spent a while reading the deadly serious, and unintentionally hilarious,, a site campaigning to get Mr Craig ousted from the role. I have to say I agree partially with what’s being said. I was pretty pissed, and still am, that Pierce Brosnan was fired. That said the website is scathing at times:

How can a short, blond actor with the rough face of a professional boxer and a penchant for playing killers, cranks, cads and gigolos pull off the role of a tall, dark, handsome and suave secret agent?

What films I’ve seen him in have been pretty good. Layer Cake was an enjoyable couple of hours, similar to Lock, Stock (same Producer) and Snatch. Munich is the latest film he’s done, which I’ve yet to see. 

His first couple of days on the set of Casino Royale didn’t go too well, he was hit in the mouth and had to have emergency dental work. Ouch! Pierce Brosnan was asked to comment at the premiere of his new film The Matador on Tuesday, to which his initial reply was to laugh and then said “Ahhh bless his cotton socks, it is kind of hard to say Bond without any teeth”*. Its all part of the job he continued. No love lost there then!

Anyhoo, I thought I’d give my list of favourite Bonds. It isn’t your usual one, and you have to remember I grew up with the Roger Moore films and errr… I’ve not really seen many of Sean Connery’s films (so not that much of a fan).

  1. Timothy Dalton
  2. Pierce Brosnan
  3. Roger Moore
  4. Sean Connery
  5. George Lazenby

Why that order? I’ll leave that for a later post. What’s yours? Yes, you reading this!

Getting back to Casino Royale, I doubt I’ll be boycotting it. I’m interested to see if Daniel Craig is up to job and what direction they’re trying to take the films in.

* I wish I could a find an online source for this, I’ve only heard it on Radio 1.