Last week I blogged about password managers and how much help they are. However, not everyone can or want to use a service like LastPass and 1Password. Today I show you how KeePass manages all your passwords on your local machine.
This post is part of the Protecting Passwords series. You can find the other parts here:
- Part 1: Do Something Good for You: Use a Password Manager
- Part 2: KeePass – the Cloud-Free Solution to Manage Your Passwords
- Part 3: Use BCrypt to Save Password (Hashes)
- Part 4: How to Find out If Your User’s Password Is in a Data Breach
KeePass or KeePassX? Or KeePassXC?
Before you can start, you need to figure out what application you want to use. For a long time it was the question of KeePass or KeePassX. KeePass was initially a tool that only worked on Windows, while KeePassX was an unofficial port for Linux. Now you can run KeePass wherever Mono runs (including Mac OS X and Linux) and KeePassX has a native version for those operating systems.
Unfortunately, KeePassX had the last release two years ago – not a good situation for a tool you entrust with your passwords. The community felt the same way and created a fork, calling it KeePassXC. Like the other two tools, it is Open Source and you do not have to pay to use it.
If you use KeePass or KeePassXC is down to your preference. KeePass has many plugins, while KeePassXC works better when I use auto-type to fill in password forms. The user interface is similar enough that you can switch between those two applications without the need to learn something new:
How do I start?
Go to the download page for KeePass or KeePassXC, download the package that fits your needs (portable, MSI installer, etc.) and install it on your computer.
At the first start of the application, you can create a new database. This is the place where your passwords will be stored. The master password gives you access to those accounts, therefore it is of the utmost importance to choose a good and strong password:
If you have your database, you can start adding entries. You can store your username, password ant the URL for the web site. The comment field is a great help when you need to store additional information, like what device you used for two-factor authentication.
KeePass generates a random password for your new entry automatically. If you want a stronger one, you can open the generate password dialog and modify the settings to your needs:
An important note on copying username and passwords: KeePass does a lot to protect you. One of those things can be the source of frustration on your first try. By default, it gives you only 12 seconds to paste your password into the login form. After that, it clears the clipboard and you have to start again.
There are many more fields and flags you can use for an entry. I never needed them, but it is good to know what possibilities you have. When you have a minute or two to spare, click through the tabs and get an overview on all the other fields.
Import and export
Both tools can import CVS files and the KeePass 1 format. If you need something special, like a direct import from the saved passwords in your browser, use KeePass and one of its many plugins. You can import passwords using KeePass and then switch to KeePassXC should you like it more.
The same works for the export. Both tools export to CVS files. For additional formats, you need again KeePass and one of its plugins.
Sharing between computers
KeePass has a built-in synchronisation mechanism that helps you to share changes between your local copy and your main database. If you want to try it, you should first make a backup and then read the manual very carefully.
No mobile client
There is no official mobile client for KeePass or any of its siblings.
The download page of KeePass list a wide range of unofficial ports that run on iOS, Android and even Windows Phone. However, most of them are outdated or gone. If you use KeePass because you are not allowed to use online password managers, you may need to do extra checks about the trustworthiness of those third parties.
Conclusion
KeePass and KeePassXC offer great flexibility to manage passwords on your computer. You can store plenty of additional information with your accounts and have built-in support for various use cases. I prefer an online password manager, but when I cannot use them, I work with KeePass.
Whatever your preferences are, the important part is that you use a password manager.
Next
This concludes the user side of handling passwords. Next week I switch sides and show you what you can do as a developer to keep the passwords of your users safe.
2 thoughts on “KeePass – the Cloud-Free Solution to Manage Your Passwords”