KeePass – secure password storage
KeePass is a free password manager. The password manager is open source, easy to use and completely free.
With KeePass Password Safe, the user can store already created and create new passwords in one place, which will be securely encrypted in the password manager database.
On the Internet, many of us often have to create accounts in various services, services, networks, sites, etc. The motives for using it can be different: creating a new e-mail box, an account on a social network, using the appropriate services for money transfers, registering on websites, etc.
When registering, it becomes necessary to invent and then enter your data, mainly in the “login” and “password” fields. The degree of password strength will depend on the safety of your data when an unauthorized person tries to access your profile data.
The KeePass password manager supports AES (256-bit) and Twofish encryption algorithms, which will be used to encrypt the program’s databases.
You can download the KeePass program from the official website of the manufacturer. You can download a regular version of the program with installation on a computer, or a portable version of the program that does not require installation. Versions of the program are available for download for different operating systems (Windows, Linux, Mac OS X, BSD, etc.), and for various mobile devices.
To download to your computer, select the next version of the program – KeePass Professional Edition.
Which version of the program is better to use? My choice is the portable version of the password manager.
When using KeePass Portable, you can run the program from a USB flash drive, or from any other removable drive on any computer. In this case, the registry entries, configuration files, and other data that will be created in the Windows operating system when installing the regular version of the program do not remain on the computer.
In any case, for the safety of passwords, it will be important not to lose only one file – the encrypted KeePass password database.
To work with KeePass, your Windows computer must have NET Framework 2.0 or higher installed. This software platform is already installed in modern versions of Windows.
After downloading to your computer, unpack the archive with the program. You can place the KeePass folder (with the name of the version of the program) in a place convenient for you (hard drive, flash drive, external hard drive, etc.).
To localize the program into Russian, you will need to download the appropriate language pack from the manufacturer’s website: keepass Russian . After unpacking the archive, move the localization file Russian.lngx to the folder with the program.
Database creation
After opening the program window, click on the “View” menu item, and then select the “Change Language …” item in the context menu.
In the “Select Language” window, select the appropriate language. In the next window, agree to restart the program. After that, the KeePass program will be opened in Russian.
As you can see, the program window is still empty.
Now you will need to create a new password database. To do this, you will need to click on the “File” menu item, and select the “New …” item in the context menu.
In the “Create a new password database” window, you will need to select a location to store the encrypted password database. Here you can choose several options: save the password database to the folder with the program itself or to some other folder on your computer or on another external drive.
You can change the default “NewPasswordBase” filename to another filename. This can be done later when you want to rename the database name.
In the event that you have an encrypted password database in the folder with the program itself that you placed on the flash drive, then you can use the KeePass program after connecting the flash drive to any computer. There is one drawback in this version of using the program: the flash drive can be lost or fail.
I myself use a slightly different method of database storage. I create a special folder on the “D” drive of my computer, and then I store the encrypted database of the KeePass program there. The folder with the program itself is located on my C drive, although this is a portable version of the program. I created a shortcut to launch the password manager like a regular program.
The database, which is located on the “D” drive, I save in the Yandex.Disk cloud storage, which I transferred to this section. I also copy the database to the folder with the program on the flash drive.
As a result, if I suddenly need to reinstall the operating system, the KeePass database will be saved, since it is located on a different logical drive. If my computer’s hard drive fails, I still won’t lose my data because the database will be stored in two other places. Thus, three different save locations ensure the safety of the database.
You can create multiple databases in the KeePass password manager, and each database will have its own master password. Pay special attention to the safety of all databases.
Create a master password
Immediately after creating the database, the “Create a compound master password” window will open, which is designed to encrypt the password database. The password can be from one or more sources.
KeePass Password Safe offers the following options for creating a compound master password:
- “Main password” – you enter only the password to access the encrypted database.
- “Key file” – in addition to the main password, or instead of the main password, you will need to select any file, or create a key file.
- “Windows account” – you enter the details of the current account.
If you select multiple sources to enter the program, then you will be able to open the database only when entering data from all sources. If one of the sources is lost, you will not be able to open the program database.
Therefore, the best option would be the choice made by the program by default – “Master Password”. You will need to come up with and then enter a password in the “Master Password” field to enter the KeePass program.
You can click on the stars to open a field to view the password you are typing. At the bottom of the “Estimated quality” scale, you can see the quality of the created password, estimated in bits. The more bits the generated password has, the more secure the password will be.
In this image, you can see how I did using the well-known expression, a fairly strong password.
After completing the creation of the master password, click on the “OK” button.
Next, the “Create a new password database – Step 2” window will open, in which you can configure the parameters for creating a password database. The program, in principle, is already optimally configured, so there is no special need to change the settings of the password database parameters.
In the “Security” tab, you can click on the “Calculate for a second delay” link to increase the number of encryption cycles.
After setting up and changing the parameters, do not forget to click on the “OK” button.
After the settings are completed, the window of the created password database will open. The password database and its categories (groups) are displayed in the left part of the program window. You can delete all of these groups, or keep them if the group names are suitable for you to use (they can be renamed or changed at any time). At the moment, the groups are empty because no new entries have been created to store the passwords.
After deleting entries or groups, they will be moved to the “Trash”, which will be displayed in the groups section. If necessary, you can empty the contents of the “Basket”.
Changing the Master Master Password
At any time, you can change the main password, which is used to enter the program. To do this, you will need to click on the “File” menu, and then select “Change Master Password …” from the context menu.
In the Generate Composite Master Password window, enter a new master master password to access the encrypted database in KeePass.
KeePass Settings
You can enter the program settings from the menu “Tools” => “Settings”.
In the “Security” tab, you can activate some items: block the program when idle, when the computer is locked or the user is switched, when entering sleep mode. When changing the remote access mode.
The “Integration” tab contains the settings for the global hotkeys of the program:
- “Ctrl” + “Alt” + “K” – show the KeePass window.
- “Ctrl” + “Alt” + “A” – autotype.
In the “Advanced” tab in the “Startup and exit” section, I recommend activating the “Automatically save when closing / locking the password database” item.
The password manager can be locked at any time after clicking on the “Lock” icon, or using the keyboard keys “Ctrl” + “L”.
Adding, editing and deleting groups
To create a new group, right-click on the name of the database, or on an empty space in this section (left side of the program window), and then select the “Add group” item from the context menu.
This will open the Add Group window. Here you can choose a name for the created group, change the group icon, add comments.
To change the group icon, click on the folder image (default icon) next to Icon. Next, the “Select Icon” window will open, in which you can select a standard icon, or use another icon downloaded from your computer in the “.ico” format.
To edit a group, right-click on the group name, and then select Edit Group from the context menu. Next, in the “Edit Group” window, change the name of the group or the group icon.
Similarly, you can change the name of an encrypted database by right-clicking on the name of the database and selecting “Change group” from the context menu.
To delete a group, you will need to right-click on the group, and then select the “Delete group” item from the context menu. This group will be removed to the “Trash”.
Groups can be moved in the required order. To do this, you will need to right-click on this group, select “Order” in the context menu. Next, you should select a suitable place in the section for this group using the context menu commands.
You can add an unlimited number of subgroups to groups.
Adding a password
To add a password, you will first need to select the appropriate group, and then right-click in the main part (right) of the program window. In the context menu, select the “Add entry …” item.
After that, the “Add Record” window will open in the “Record” tab.
In the “Name” field, you will need to enter the name of the site, service, service, program, the password for which you will store in the KeePass program. In the name field, enter the login for this account, and in the “Password” field, enter the password if you are entering data from a previously created account. When creating a new password, KeePass will automatically prompt you for the generated password by default.
The “Quality” field will display the quality of the strength of this password.
In the “Link” field, you can add a link leading to this resource.
In the “Comments” field, you can enter reference data: security question, phone number for confirmation, etc. information.
After clicking on the “Icon” button, you can select an icon for this password.
To display the password, you will need to click on the “star” button. In this case, you can check the content of the characters that make up this password, and if necessary, you can make changes to this password.
After entering all passwords into the program, you can print all passwords on paper from the menu “File” => “Print”. It will also be possible to send data from individual groups for printing.
Password generator
Below the stars is the Generate Password button. After pressing the left mouse button, a context menu will open to enter the password generator, or to create a key of the corresponding type.
In the “Password Generator” window, you can set up a password of the required complexity and strength.
In the “Settings” tab, you will need to select a profile to create a password:
- “Custom” – you choose the settings for the password.
- “Based on the previous password” – a new password will be generated based on the settings for the previous password.
- “Auto-generated passwords for new entries” – the program itself will generate passwords according to the specified parameters.
- “40-bit hex key (built-in)” – the program will generate a key of this type.
- “128-bit hex key (built-in)” – the key for this parameter will be generated.
- “256-bit hex key (built-in)” – A key that meets these requirements will be generated.
- “Random MAC address (built-in)” – the generated key will have the appropriate form.
You can choose the length of the generated password. Additional character sets can be selected for greater password security. After completing the settings, click on the “OK” button.
According to US encryption standards, when the key parameter is 128 bits, it is usually classified as “secret”, and when using a 256-bit key, “top secret”.
In the “Advanced” tab, you can enter additional settings. In the “View” tab, you can see examples of passwords created according to the rules of the first two tabs. From this tab, you can copy passwords to replace your existing passwords. Naturally, you will first need to change the passwords on the corresponding services, and then save the changes in the KeePass program.
The created entry will be in the corresponding group. If necessary, you can add other entries to this group, or move entries to other groups.
After closing the program window, a window will open in which you will be prompted to save all changes to the password database. To save the changes, click on the “Save” button, and before that, activate the “Automatically save when closing / locking the password database” item. After activating this item, this window will no longer appear, and all changes in the password database will be saved automatically.
This is done in order not to lose the changes that you for some reason forgot to save. After closing the program, all changes in the database will be saved.
Editing a post
To change an entry, you will first need to right-click on the corresponding entry, and then select the “Edit / View Entry” command in the context menu, or press the “Enter” button on the keyboard.
Next, make the necessary changes to the appropriate entry.
Insert password and login
There are several ways to insert passwords and other data into entry forms on websites and programs.
After clicking on the corresponding entry with the right mouse button, it will be possible to copy the name (login) or password from the context menu. Then you will need to enter your username and password in the appropriate fields of the input form.
Otherwise, you can copy the login and password to the clipboard using the corresponding icons located under the program menu bar.
Login, password and other data can be simply dragged from the program window with the mouse into the appropriate fields of the data entry form.
If you double-click the right mouse button on the login or password, then these data will be copied to the clipboard.
To insert a password and login, you can use autodial.
When copying data, the clipboard will be cleared after a few seconds. In the program settings, you can set the required period of time (by default – 12 seconds) for auto-clearing the clipboard.
Autodial (autocomplete) in KeePass
Auto-typing (auto-complete) will not use the keyboard, thus, there will be protection from spyware keyloggers that read the data typed on the keyboard.
The antivirus installed on your computer should protect against keyloggers.
Autocomplete is called by the keyboard shortcut “Crtl” + “V”, or from the context menu “Start autotyping”, after selecting the corresponding entry in the program.
By default, autodial in KeePass performs the following sequence of actions that mimics manual data entry:
{USERNAME}{TAB}{PASSWORD}{ENTER}
First you set the mouse cursor in the “login” field, then the name is automatically entered, then the “Tab” key is simulated, then the password is automatically entered, then the “Enter” key is simulated.
You will be able to change the order of the tags you enter to use the commands in a different order on certain sites.
To navigate to the desired site, it will be possible to use the “Links” context menu item to open this link in the browser, of course, if the link was added to the corresponding entry.
In some cases, autocomplete may not work.
KeePass update
To update the portable version of the program, simply unzip the archive with the new version of the program, and then copy the files to the KeePass program folder. The data will be overwritten, but you will not lose your settings as the configuration file and database will not be overwritten.
A large number of plug-ins (additional modules) and extensions for browsers have been created for the KeePass program, which expand the possibilities and make it more convenient to use the password manager program. Since this article turned out to be very long, it is not possible to consider such additions in this article.
Article Conclusions
The free KeePass program is designed to securely store passwords in one place. To access the password manager, the user will only need to remember one main master password.