Passwords, pin numbers, keycodes and pass phrases. The bane of modern life. Bill Gates might be wanting to do away with them with InfoCard, but its going to be a little while longer until we have that pleasure. In the mean time we have to deal with password overload.
And thats where Keepass comes in. Its bloody brilliant. I stumbled across it a while back whilst looking for something completely different on SourceForge. Previously I’d not bothered with a password manager and kept a list in an Outlook task… hardly an ideal solution.
The main interface is pretty slick with a standard Outlook style layout. Tree view of password groups on the left with their contents in a grid on the right.
Storage wise passwords are kept in a custom format database file that can be password protected and linked to a key-file for extra security. There are two encryption options, AES 128-bit or TwoFish 128-bit. The resulting database is very small and portable. I tend to keep it on a pen drive so I’ve always got it with me.
You can also create various folders and groups to store passwords in. The option to assign different icons (the program comes with over 50) is a nice touch and really helps navigation.
Entering passwords is very easy using the dialog shown below. You can pick the group / folder you want to store it in along with an obvious title for it. The Notes option is also a great idea. However the really cool thing here is that it shows the strength of the password you’ve entered.
It has a built in password generator, as shown above, but you can click the Generate button located bottom right to give you the option to create a password off random mouse or keyboard input. I like the mouse input option :).
It would all fall down though if you couldn’t find what you entered, and Keepass doesn’t disappoint here either, it has a very quick search option that looks in all fields. Once you’ve found what you’re looking for there are options to copy the user name and password to clipboard whilst you login to a site. By default it is set to blank the clipboard after 10 seconds. There is an option called Perform Auto-Type that will actually try to enter the user name and password in an open web browser window, but it only really works with Internet Explorer.
Keepass can also be set to lock itself (so people can’t look at your passwords if you leave your machine unattended) if you minimise it or after a certain amount of time. The help file doesn’t appear to miss anything either. Its a very stable and feature rich piece of software. Best of all because its Open Source, its free!
I’ve found that I tend to have about 5 main passwords I can remember, that I use depending on importance. For everything else I use the password generator in Keepass. Lets hope I don’t lose my password database!
I’m also interested in what other passwords managers people use since there seems to be a ton of them out there!