By Martin Jansen, Owner of Jansen-PCINFO
I have written about Password Management in the past because it is so important. Back then, I was and am still a proponent of Keepass in its various forms. It’s very good for new password generation and storage of passwords in a local encrypted file. That file can be placed anywhere including cloud storage like Google Drive, Dropbox, etc. The use of plugins can extend the use of the password manager in many situations. Best of all, it is open source and free to use.
Life Without Password Management
I do feel sorry for those who don’t use password managers. Theirs is a life with little slips of paper stored all over the place. As passwords need to be changed, they cross off one password for another. Using the same password for many websites, they run the risk of the password being cracked by thieves, putting their identities and finances in danger.
If they are organized enough to put the passwords in a book, they run the risk of losing the book. The effort they put in the book could just as easily be put into a password manager.
I’ve seen people use the ‘forgot password’ feature on many websites over and over again. What a waste of time and productivity. Pretty soon they run out of passwords that will work, while a password manager can generate new secure passwords for each site.
With a password manager, only one password needs to be remembered to access a database of many passwords unique to each website or application.
LastPass had a very bad breach via a (recently revealed) remote employee in August 2022. LastPass was very slow to report this breach to the media and its users. Now it is known that bad actors were able to get a full backup of the site, everything but master passwords. With all that information, brute force password hacking is a distinct possibility.
While I had tried LastPass in the past, my wife was still a primary user. I followed my own advice using Keepass on both my Linux Mint computer and on my Android phone.
The Way to Keeper
I did a lot of research to find Keeper. My wife had to change password managers due the LastPass breach and I was looking to upgrade my password manager to something more extensive. My list of requirements for a new password manager included:
- Excellent Security Record
- Cross Platform GUI (Linux Mint) Client Software – not solely command line
- Fingerprint authentication on Android Phones
- An Extension for Chrome, Firefox and other browsers
- Extensive import capabilities from LastPass and KeePass and others
- Family Plan with more than two vaults
- Password Sharing for joint accounts
- Autofill and Auto Submit
I was impressed that Keeper offered Linux clients and offered 5 vaults for family members at one reasonable price.
We’ve used Keeper for about 3 months now and it is working very well on our computers and phones. Is it perfect? No. Due to vagaries of different websites, the change password wizard does not always work well. In this case, turning off the autofill feature and generating a new password to copy and save is the better method. Otherwise, we are very pleased with Keeper.
Someday, No Passwords
The computer industry knows that passwords are a pain for their customers. Several big players like Microsoft and Google have tried to come up with alternatives. Microsoft offers Authenticator, an app that sends two digit numbers to your phone as part of their two factor authentication efforts. Google has tried to use security keys like this Yubikey:
None are far reaching enough to become standards in the industry. Until a secure standard is widely established and accepted by all commerce websites, we will be stuck with passwords.
If you use a computer to access various websites, you need a password manager. The best free option is Keepass and its various cross-platform counterparts. For a modest yearly cost a personal or family plan from Keeper is a great option. It makes password management easy to use across devices: computers, tablets and smartphones.