Using Keepass to Secure Your Online Accounts
About two years ago I gave up trying to memorize all of my online accounts. I used a “three tier” password system for a while – with a low security, medium security, and high security password for the majority of my accounts. However, this still did not leave me at ease – knowing that if on one of these accounts my password was compromized, it potentially left the others open to attack.
After looking around for different password managers, I came across KeePass. The main features that drew me to this program:
- Open Source – Allows the ability to analyze the encryption methods
- Cross Platform – Clients available for Windows, Ubuntu, Linux, MacOS X, J2ME (Cell Phones), Blackberry, Windows Mobile and more
- Portable – Requires no installation
Installation is a cinch – visit the download page and install or unzip the software. Open Keepass.exe (on Windows), go to File->Open and create a new file.
While you type your password, it will tell you how many bits encryption it will provide, and also a bar with how secure/complex it is. After hitting OK, enter your password again to make sure you typed what you thought you did.
Inside Keepass you will see a Folder structure where you can organize your logins according to type or use. In my case, I keep separate areas for Work and Personal logins. Click “Add Entry…” to add a new login:
A password will be automatically generated – useful if you are making a new account. Click the three dots to change from a masked password to the plain text one.
If you want to have fine-grained control over your new password, while maintaining security, KeepPass includes a password generation tool.
For the ultra paranoid such as myself – you can click the box “Collect additional entropy” – this will ask you to move your mouse randomly around a box and type in random letters. Even if the default is secure, it gives my possibly neurotic self a great deal of satisfaction.
For ultimate usefulness, I have KeePass installed on my USB Keydrive. With the price of USB Keychain drives so low, and the size so large; I’ve found it invaluable to carry around with me at all time in case a tech emergency comes up (I am even able to boot off of it with a slew of diagnostic utilities – more on that later!) It was not a big jump for me to keep my passwords with me at all times, just like keeping my keys with me.
Along with the great advantage of always having your passwords available, there are a few downsides to this. If you lose your Key Drive you have two main problems. The first is that potentially someone else will be able to access your password. Since the password file is encrypted – this should be taken care of. The second is the loss of this file. For this reason, it is essential to back up the password file regularly.
I use a backup tool called SyncBack SE for this. It has been previously reviewed on this site by Mark. The paid version has many priceless (in my opinion) features – one being that it has an “On Insert” option. In the profile, select the drive letter that is assigned for your USB Key Drive on the “Insert” tab. On inserting your drive, it will automatically run this profile and back up your files.
With this program running, all you need to do is plug in the USB drive – for example if you are accessing a password, and it will run a backup. Just what I like – a backup process that you don’t need to think about. Less interference means easier backups!
I’ve been using KeePass for all of my passwords now for a while and I would never turn back. I must have over 200 sites with passwords I need to remember, if not more. Some have weird password requirements which would make it necessary for me to create new ones that are impossible to remember. This system has been working perfectly and I would recommend it for anyone who is required to remember more than a handful of passwords!