Software Spotlight: KeePass

By Martin Jansen, Owner Jansen-PCINFO

The Problem

It’s a conundrum: every commerce website wants you to use a password to enter their website and yet we are advised to use different and strong passwords for each one.  How is anyone supposed to remember all these passwords?  It’s impossible.

Recently I wrote about Safe Computing and mentioned KeePass, which is a password manager. I paraphrased a line from Tolkien’s “The Lord of the Rings” series. He says, “one ring to rule them all.” I say, “one password to rule all other passwords.” In other words, you enter one familiar but strong password to open the password manager, which gives you access to all your other passwords.

Please Don’t Use Paper

I know that many older adults grew up using paper to keep important information. It’s not unusual to see these adults write down passwords on paper near their computers. As passwords change, they cross out old passwords and write new ones, making for a confusing organizational mess. Also, what happens if you lose the paper? KeePass stores those passwords electronically, and entries can be easily updated when passwords change.

‘Forgot the password’ cycle

Others forget their passwords and have to go through the hassle of resetting them via the automated password-reset routine that websites provide. What a waste of time! Using KeePass can save time by storing passwords for easy retrieval.

Local Control

There are many online password managers, like LastPass and Dashlane, but these keep your passwords in the cloud. You must trust that these sites will not be hacked and your passwords will not be revealed to criminals.

KeePass, on the other hand, keeps your passwords in an encrypted database file that can be stored locally or in the cloud. You choose where you want the file to be stored. I store mine on my Network Attached Storage (Western Digital My Cloud) so it is available to both my wife and me. I could just as well store the file on Dropbox or Google Drive. Also, I can copy the file to my phone, but I have to remember that any new passwords will not be stored in the file on the phone, but in the main file on the NAS.

Versions for All

There are many versions of KeePass, but the most prominent can be downloaded and installed from here. The operating systems supported are plentiful: Windows, Macs, Linux, Android, iPhones and iPads, Windows Phone, BlackBerries and Chromebooks. There’s even a portable version that can be stored on a USB stick.

Although I have over 100 entries of passwords and other private data in the KeePass database file, the size of the file is only 38 kilobytes. It’s very easy to copy and update the file on my phone for the latest entries. I use Network Browser to find and update the file from the NAS to the phone.

Using KeePass

While the KeePass interface is not cutting edge (think Windows 98), it is easy to navigate and to create groups of passwords to organize entries. Creating a new database file walks the user through several steps, including an opportunity to print out a KeePass Emergency Sheet should the worst happen and the user completely forgets the Master password.

Here’s the default organization of a new database:

One of the key features of a good password manager is the ability to generate strong passwords. KeePass excels in this area. When a new entry is created, a password is automatically generated. Even though the resulting passwords can be complicated, the user doesn’t need to remember them – the password manager remembers for you. Here’s an example of a long and strong password generated by KeePass: wqgUDUKsyDJZUdw9GMdaZ1’cqH*ZcoEXwJAr~a+% That’s 40 characters with upper and lower case letters, numbers and special characters, and almost impossible for humans to remember.

Master Password

When creating a Master Password for KeePass, I highly recommend using a personal, unique phrase and then modifying the phrase to make it more secure. Here’s one: around the Fox Valley many are Green Bay Packers fans. During the 1997 run for the Super Bowl, Eddy J. Lemburger produced a polka entitled “I Love My Green Bay Packers.” Let’s use that phrase and modify it:

I Love My Green Bay Packers

becomes:

1 L0ve My Gr33n B&y P&ck3r$

We substitute 1 for I, zero for o, threes for the e’s, ampersands for the a’s and a dollar sign for s. This makes for a long and strong KeePass password that is possible to memorize.

Don’t Worry, Be Happy

Life is stressful enough without trying to remember all the passwords to all the websites you visit. Let a password manager, like KeePass, organize and fill in passwords for you.