There has been a lot of attention in the news lately about email passwords being compromised. Today we take a look at using KeePass to secure your passwords in an encrypted database so no one can get a hold of them.
For this article we are using KeePass 2.09 but you can still download the Classic Edition as well, which you may want to do so you can use certain plugins. Installation is straight forward and after installing KeePass, the first thing is to create a new password database by clicking on File \ New.
You will need to come up with a Master Password which is the only one you will need to remember moving forward. Make sure and pick a strong password with several characters, symbols, and numbers. It can be an entire phrase, sentence, or whatever you want it to be with virtually any characters you want.
Alternatively you can use a Key File which a master password in a file. This makes it so you don’t have to remember a long Master Password, but if it gets lost and not backed up you’re out of luck. Also, you want to keep the file in a secret location other than your local hard drive, malware attacks can find it if it’s openly available on your hard drive.
Now you can start entering in your passwords. To start Right-click the open window on the right and choose Add Entry.
Fill in the identifying fields and the password for the entry.
Rather than typing in your own password you can have KeePass generate a random one.
After an entry is made you can Right-click to get a menu of different options.
When you exit out of KeePass you will need to save your changes. Click the box below to automatically save when exiting out.
If someone were to get a hold of the Database, they will need the Master Password you created to do anything with it. Again we need to stress how important your Master Password is, make sure it is something no one can guess. Your date of birth, favorite pets name, 12345, etc are horrible passwords and can be guessed easily.
Another neat utility in KeePass is the Random Password Generator which will create a random password with as many or few types of characters you want to include.
There are several interesting plugins which add additional functionality and compatibility with other apps.
Note: Unfortunately not all Plugins will work with all versions of KeePass.
In the Plugins section you can configure them and find more by clicking on the link.
More Password Tips
Again, we need to mention to make sure your passwords are strong and is something no one can guess. Your password is the only thing between you and your accounts that contain important personal information. Your pets name, favorite kids name, “123456″, “qwerty”, “password”…etc are poor choices. Here are some other tips to follow for creating strong passwords and keeping your accounts secure.
- Don’t user real words and make sure there are upper and lower case characters, numbers, and symbols included in your passwords.
- Don’t use the same password for multiple accounts. If someone gets your email password and you use it for your online banking or other sites, the accounts will be compromised.
- Don’t give your password to anyone ever. Even if you think you can trust your spouse or best friend, it just adds to the potential of it being compromised in some fashion.
- Don’t write your passwords down and leave them under your keyboard or in some other obvious place. You would think this should go without saying, but in my IT career I’ve been shocked at how many user I have seen do this.
- Don’t use short passwords, make sure they are at least 8 characters.
- Use a password management tool like KeePass or if you use Firefox to manage them, make sure you create a Master Password to protect them.
- Change your passwords periodically. Usually in an office, the IT staff requires you to change your login and other passwords every 3-6 months. You also what to change your passwords for your online accounts as well. If you know your password(s) have been compromised then change them right away so your accounts can’t be accessed.
With KeePass keeping your passwords safe in an encrypted database and following strong password practices, you can have peace of mind knowing your personal data is secure. How about you? What methods do you use to keep your passwords safe? Leave a comment and let us know.
Programmer by day, geek by night, The Geek, also known as Lowell Heddings, spends all his free time bringing you fresh geekery on a daily basis. You can follow him on Google+ if you'd like.
- Published 10/13/09