How to Better Organize Secrets Using Keepass Password Manager

Today’s Internet services rely heavily on text-based passwords for user authentication. The pervasiveness of these services coupled with the difficulty of remembering large numbers and symbols of secure passwords tempt users to reuse simple, easy to guess passwords at multiple websites, making their accounts vulnerable.

We always recommend you to use a password manager — it allows you to not only use strong, complicated passwords that you don’t need to manually type, but also makes use of unique passwords for online accounts simple.

Keepass is a free, open source password manager which helps you to manage passwords in a secure way. You can put all your passwords in one database which is locked with one master key or a key file, or both. If you are getting started, then you can check out our introduction guide to Keepass.

Organize Passwords Into Groups or Tags

The number of passwords a user must remember continues to increase, and the typical Internet user is estimated to have more than 20 distinct online accounts. As you keep adding more accounts, your passwords will get a bit more overwhelming to manage. Keepass lets you organize passwords into groups or tags. You can add as many groups as you need and use them to organize all of your logins in any order that would make sense for you.

To create a new group, first select in the group pane where the group should go, either the database name or within an existing group. Right-click to bring up the group menu and select “Add Group.” Alternatively, click “Edit” from top menu and select “Add Group” from drop-down list.

Give the group a unique name, choose an icon for the group if you wish and press “OK.” You can set a expiration date for the group if you only want to use it for a temporary set of passwords. You can even add a note for that group in the “Notes Tab,” so that you remember what this group holds or if there are any instructions that need to be followed when using passwords under a group.

Groups can be further divided into sub-groups in a tree-like organization. To create a sub-group, right-click the desired group and select “Add Group.” That’s yet another way to keep your passwords better organized and easier to access. Now all you need to do is drag-and-drop any entries you’d like to store in this group. The password entries are grouped together into the groups you see on the left. So, depending on which group on the left you selected, it’ll show you the entries in this group in the right view.

Apart from creating groups of your passwords, you can also tag your entries as favorites. Select the favorite entry, right-click on them and click “Selected Entries > Add Tag > New Tag” and enter e.g., “Favorite.”

In order to show all entries having the the tag favorite, click the three-keys toolbar button (right of the magnifier toolbar button) and choose “Tag: Your selected tag.” Alternatively, this command is also accessible via the main menu “Edit > Show Entries by Tag.”

Let’s suppose that you have tagged all the entries, and now you wish to open all the entries with that tag while opening the database. To achieve this, we’ll create a trigger system. Go to “Tools > Triggers” and click “Add.” Under the “Properties” window enter a name like “Show tag when opening a database” and click “Next.”

In the “Events” tab add an event “Opened database file” and click “Next.”

In the “Actions” tab click “Add > Show entries by tag” and under the Tag section write down the tag name. Click “Finish” button to successfully create a trigger system. Close the database and once you open them again you’ll see all the entries with your favorite tag. Don’t forget to save your database again each time you make changes.

As you notice with Keepass, you can organize entries either by placing them into groups or by tagging them with labels. There is a considerable debate on the relative merits of groups vs. labels, but the relative experience of organizing information with both groups and labels over time will mature and become understandable. Each model has its own strength and weakness when assessed with respect to basic activities of personal information management (PIM) such as keeping, organizing, and re-finding. So its up to you how you organize the entries. Choose the one that you feel makes sense, or gets your work done.

Deleting Entries from Groups

Over time, you’ll likely have some accounts that you no longer use. Select any entry from the group, right-click and select “Delete Entry.” Once you confirm, your entry will be moved to the “Recycle Bin” group. Your passwords are actually still there, but just hidden from view in a group you wouldn’t normally check. If you’d still like to use an entry then simply drag-and-drop it on the group folder. If you’re absolutely sure that you no longer need that entry, delete it from the recycle bin.

Arrange and Configure the Entry List Columns

Organizing your entries in groups or tags is sufficient if you are just getting started with the application or want to categorize them according to the types and importance such as applications, web logins, website logins, logins for shopping website, educational or entertainment websites, and so on.

However, it is also important to get an overview of a particular entry such as the creation time, last modification date, and tags. The creation time and last modification dates are particularly important because it gives you an estimate of how long you’ve been using that same password for an account and when you created it.

Keepass lets you arrange and configure columns according to your requirements. Select “View” from the top menu and click “Configure Columns.” To hide passwords select “Password” and toggle the checkmark “Hide data using asterisks.” Similarly, you can apply the procedure for user names or sensitive titles. This is recommended if you intend to use Keepass in a public environment such as cafe or open office.

There are many fields available for columns — Standard field, Custom fields, and More (Size in KB, Attachments count, History Count, Tags, Expiry Time, and URL Override). To reorder columns, drag-and-drop the column headers in the main window. To sort entries by a field, click on the corresponding column header in the main window.

Plugins to Enhance the Aesthetics of Columns

Keepass features a plugin framework. Plugins can provide additional functionality, like support of more file formats for import/export, network functionalities, backup features, and more. To install the plugin, download the plugin from author’s page and unpack the ZIP file to a directory of your choice. Copy the unpacked plugin files into the Keepass directory (where the Keepass executable file is) or a sub-directory of it. Restart Keepass in order to load the new plugin.

Information displayed in the column is sufficient for basic needs. However, two things are still missing. “Password Quality” details and “Favicon” of that particular entry are missing from the column. Password quality will show the strength of passwords in bits, and Favicon will increase the aesthetics of the entry.

From the Keepass plugins page download the Quality Column and Favicon Downloader plugins and install them. You will see a new column called as “Password Quality” in the list of column entries.

Favicon downloader will download the icons from websites in your Keepass entries, thereby making the entries look aesthetically unique. You can use this plugin to download Favicon for an individual entry, an entire group, or an arbitrary selection of entries. To make this plugin work fill the URL entry, right-click and select “Download Favicons.”

Organize Other Types of Secret with Keepass

You can use Keepass for other data that needs security other than just online accounts, website, or network passwords. It could be either used for storing software registration keys and serial number, wallet content such as credit/debit card, social security number, bank statements, secure notes, and other details. In order to fully utilize Keepass for this purpose make sure to keep the groups separate, add an icon and notes for detailed instructions, if any.

Add Software License Details in Keepass

You know, all those applications you’ve bought over the years, or all those multi-user licenses you have to keep track of for your business? Instead of leaving those details in a spreadsheet or random mail folders you can keep them securely in Keepass.

Let’s say you just purchased a license of Windows 8 PRO. Create an entry in the “Software License” group and name the title as “Windows 8 PRO” with link in the “URL field.” Since the license for Windows is perpetual unless you want to upgrade, there is no need to add the “Expiry Date.”

Some software licenses are valid for one year. In this case you can set an “Expiry Date” in this group. When this date is reached, the entry is automatically marked as expired (using a red-cross icon in the main window and showing the entry information using a striked-out font). The entry is not deleted when it expires. With this feature, you’ll come to know that your license is expired and is due for renewal.

Now go to “Advanced Tab” and you’ll see two sections.

“Custom String fields” section can have an arbitrary amount of custom strings. To add the new string field click “Add.” These strings can hold any information of your choice, in this case we’ll put the “Field Name” as License and “Field Value” with registration details including name, email address and product key of Windows 8 PRO. As usual the string details will be stored encrypted in the database like all other database content.

The “File Attachment” section lets you attach files to entries. The files will be imported into the database and is associated with the entry. When importing files, Keepass does not delete the original source file! You need to delete them yourself, if you wish. As usual file attachments are stored encrypted in the database.

To import the file as an attachment, click “Attach” and then select “Attach File(s).” A new window will pop-up. From there select the receipt copy of Windows 8 PRO and click “OK.”

You can insert any file as an attachment, be it a PDF document of receipt, text file, and even a screenshot. Later on if you want to view the attachment, then Keepass has its own internal viewer and it works with the data in main memory.

If the file format is not supported (e.g., PDF file), then Keepass extracts the attachment to a (EFS-encrypted) temporary file and opens it using the default application. After finishing viewing/editing, you can choose between importing or discarding any changes made to the temporary file. In any case, Keepass securely deletes the temporary file.

Add Secure Notes in Keepass

Keepass allows you to safely store information that may not fit well in any other category or that you want to protect from prying eyes. Secure Notes is a great place to store information that is useful but not often used such as two-factor authentication recovery keys, vehicle identification numbers, insurance policy numbers, emergency or temporary contact numbers, and so on.

Create an entry in the “Notes group” and name it as Passport Application form. Add “File Number” in the custom field strings. In the file attachment section, click “Attach” and then select “Create Empty Attachment.” An RTF file will be created and is associated with that note. Since Keepass supports both .TXT and .RTF file, you can view/edit them internally.

For TXT files, the built-in editor supports standard operations like cut, copy, paste, undo, word-wrap, and more. For RTF files, additionally standard formatting commands are available: choosing font, font size, bold, italic, underline, text and background colors, and more.

Once you’ve got your passwords and other secret entries in a Keepass database, you want to make sure to get those details easily across all your computers and smartphones no matter where you are and which device you have.

A lot of nifty features are present in Keepass. If you are just getting started with the application then it may take some time to get accustomed with the interface and tools available. Organizing and managing secrets with Keepass is easy but requires a well-formed workflow and what you want to achieve with it. If you require any help or have any or method you want to share, let us know in the comments below.

Rahul Saigal is a writer and all-around computer geek. Born in Kolkata, India, he works from home with all the geeky stuff and gadgets. When not working he loves to read, listen podcasts, and try new software. You can follow him on Twitter if you'd like.