.

Healthy Passwords

.

.

KeePass Password Manager Review

Overview

If you’re a programmer or someone who likes making elaborate spreadsheets and databases, you’ll probably like KeePass. Otherwise, you’ll probably hate it. KeePass is an open source password manager. Open source software can be more secure than commercial software because a large number of people are constantly reviewing the source.

KeePass Login Screen

Security

KeePass does not store any data in the cloud (remote servers). Everything stays on your local system. The entire KeePass database is encrypted, not just the field values. We found KeePass to be a very nice encrypted database with a basic portable user interface. Non-technical users may find the interface confusing.

Government level AES encryption (Rijndael/SHA-256) is performed in protected memory (version 2.x only). The application claims to offer key logger protection, but it really is implementing protection against form grabbers. A low level keyboard logger may still intercept keystrokes. Keyloggers can be deterred by using a software keyboard and hover technique, but screenshots may still intercept passwords.

Features

Keypass offers a single password to unlock all other passwords. It offers a form of multi-factor authentication based on a file saved to a removable device. It also offers a windows level of authentication against your current windows user id. This means that if someone had your database, password, and removable device, they still could not login without your windows id/password. The down-side of windows authentication is you cannot unlock your database unless you are on the same computer. The windows authentication is not advisable because if your workstation crashes and you re-install, you will not be able to access the database.. We used KeePass on a portable encrypted flash drive (IronKey), so multi-factor was not necessary.

Keypass will generate passwords if you desire and has browser integration with Internet Explorer and Firefox. It also offers a copy to clipboard, drag and drop, and auto-type for browsers that are not supported. This is standard functionality for all password managers and KeePass is on par. We are highly technical users and found getting the browser add-ons to work very difficult. There is also a fear level of having to trust an unknown third-party developer. If browser integration is important to you, there are much stronger browser integration offerings.

Keypass version 2.0 will run on all versions of Windows that support .net, which is Windows 98 and up to the latest version Windows 7.

If you use an international character set, Keypass supports Unicode. It’s database comes with standard fixed fields for things like username, password, site, etc. It also supports user defined text fields and file attachments. The program features an internal attachment viewer, so you can view files from a USB stick in portable mode. The database is searchable. You database can be exported or new data can be imported.

Other Reviews

  1. The Tech Herald – July 23, 2009 – By Steve Ragan

    This is a little old and on version 1.0, but it is an excellent review.

  2. NewsObserver.com – November 2, 2011 – By Noah Matthews

    This reviewer did not like the KeePass interface.

In the spirit of full-disclosure, we advocate using your brain and a system to create and remember passwords. We also understand that there are exceptions to every rule. If we were to endorse a password manager, it would be one like KeePass, which provides the option to only store your encrypted data locally.

We have tried using KeePass for two months now. Instead of using it for all passwords, we only use it for infrequent moderate risk sites. Rather than using browser integration, we use the copy and paste. Our Keepass is installed on an IronKey Flash drive, so we have no fear of losing our data. For our needs, KeePass is an excellent database for keeping client passwords, software license keys, and other sensitive data. Having it on a secure flash drive as a portable application provides access to all data when needed.

Screen Shots

This is the main keypass screen. The left pain are entries added by you in a hierarchical format. You can create folders and subfolders as you wish.
KeePass Main Screen

This is the context menu when you right click or select options and click on an entry. Notice copy password. This is probably the most used function in KeePass.
Keypass Right Click Entry Popup

This is the main entry screen. You key in details about the site and can generate passwords here or key in URLs. The additional tabs hold added information.
Keepass Entry Screen

This is the advanced tab of the main entry screen. We found this tab very helpful for storing license keys for our software licenses. You can add as many custom fields as you wish here.

Advanced options

Every attempt has been made to fairly represent this product. If you find any incorrect or confusing information, please email errata@HealthyPasswords.com with your information and we will promptly take action to address your concerns.

blog comments powered by Disqus
McAfee SECURE sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

.

Leaf

Leaf

Home | Live CD Listing | Password Worksheet | Third Party Ratings | Purchase | Errata | Contact | News | News Archive | Legal

Copyright © 2011, Sustainable Alternatives, LLC | Ligonier, PA 15658 | 724-238-9560 | All Rights Reserved.

 Sustainable Alternatives, LLC BBB Business Review
Leaf

.

Leaf