Peter Smittenaar


KeePass, why and how to use it effectively

Almost every other month a major website announces that its user database has been hacked. As Lifehacker pointed out, KeePass would have helped keep you relatively safe when a website gets its user info stolen. I don't care whether you use KeePass, which I discuss here, as long as you use some password manager (e.g. LastPass is excellent too).

First off, why even bother with password managers? You should use KeePass (or similar password management software), because:

  1. using the same simple password for multiple sites is risky, as when security is breached for one of those websites, hackers can use that same login information for all the other sites as well;
  2. it's a hassle having to remember your passwords, especially the ones that you have to change periodically;
  3. the feeling of moral superiority you get when someone else forgets their password;
  4. a couple of other reasons, if you're interested: http://pzxc.com/use-a-password-manager-already.

This is not a guide on how to use the KeePass software itself (see here or the official site for that), but a set of practical steps to take when you start using it (on Windows; it works about the same on Macs and Linux). Also, you can use expensive flash drives that protect your passwords (like this shiny Kingston one), but there’s no need to rely on proprietary solutions. All you need for permanent access to your secure passwords is KeePass, which is free, Dropbox and a tiny flash drive. If you're like me and prefer your software to be open-source and privacy-respecting, try Syncthing or any of the other ones mentioned on this GitHub page (hat-tip Parker for pointing me to that treasure trove of software).

What is KeePass?

KeePass is software that can open .kdb (‘KeePass DataBase’) files. All your passwords are stored in this one database file, which sits like any other file on your computer. You need to open the file with KeePass, and enter a password to gain access to the database. So to access all your passwords at any time, you need:

  1. KeePass software - download version 2 if you're just getting started (see here for comparison between v1 and v2)
  2. your .kdb database file
  3. a master password you have memorized (the only password you’ll ever need)

How to start

How to continue

The beginning is a bit boring, because you have to enter all your accounts. After that, it’s easy. First, you need to make sure you have access to your passwords everywhere. To do this:

  • Have one copy of your database available ‘in the cloud’, i.e. in Gmail, Dropbox, Google Drive, or on your personal site. This should be a (zipped) folder that contains KeePass portable and your database file. I keep my KeePass folder in Dropbox. If you store it on, for example, Gmail, you have to update it manually every few weeks to keep passwords up-to-date. Some people will criticise keeping your .kdb in the cloud, but if you use a decent master password it will take many years to crack the encryption, so I chose convenience. If you're someone more important than me, reconsider keeping your database in the cloud and instead go for e.g. a small flash drive in your wallet.
  • Buy a tiny USB drive that fits in your wallet (I use this) and put your database on there, including the KeePass portable software. This is great for e.g. travelling (remember: it's not a problem if you lose it, because the database is encrypted and requires your master password).
  • Add to your KeePass folder (which already contains KeePass portable and your database) the KeePass software for Mac in case you end up on a Mac. Download here: http://keepass2.openix.be/ (download the ‘binary package’ dmg file). Now you can just install KeePass on a Mac by installing the dmg file.
  • In case you end up on a Linux system, I’ve had luck so far using

        sudo apt-get install keepass2

    but if that doesn’t do it for you, try following this guide
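With copies of the database in several places (cloud folder, USB drive, perhaps an e-mail attachment), the manually updated ones drift out of date. The following is an added example, not part of the original post: a small Python check that reports which copies are stale compared with the most recently modified one. The file names and contents are constructed stand-ins.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1 << 20):
    """Hash a file in chunks so a database with large attachments is fine."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def compare_copies(paths):
    """Label each copy 'newest', 'in sync', 'stale' or 'missing'.

    The most recently modified copy is the reference. Contents are compared
    by hash, because copying a file can change its timestamp without
    changing a byte. Two copies edited independently cannot be merged here;
    the older one is simply reported as stale.
    """
    status, found = {}, {}
    for path in map(Path, paths):
        if path.is_file():
            found[path] = (path.stat().st_mtime, sha256_file(path))
        else:
            status[str(path)] = "missing"  # e.g. USB drive not plugged in
    if found:
        newest = max(found, key=lambda p: found[p][0])
        for path, (_, digest) in found.items():
            if path == newest:
                status[str(path)] = "newest"
            elif digest == found[newest][1]:
                status[str(path)] = "in sync"
            else:
                status[str(path)] = "stale"
    return status


if __name__ == "__main__":
    # Constructed stand-ins for the Dropbox folder and the USB drive.
    root = Path(tempfile.mkdtemp())
    dropbox, usb = root / "dropbox.kdb", root / "usb.kdb"
    dropbox.write_bytes(b"constructed database, current")
    usb.write_bytes(b"constructed database, three weeks old")
    os.utime(usb, (1_000_000, 1_000_000))  # force an older timestamp
    for location, state in compare_copies([dropbox, usb, root / "gone.kdb"]).items():
        print(f"{state:8} {location}")
```

Only hashes and timestamps of the encrypted file are read, so the check never needs the master password.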

Get faster

If you remember a few shortcuts, life gets much easier:

  1. ctrl-alt-a when on any website you’ve stored a password for will auto-fill username and password. Doesn’t always work.
  2. ctrl-alt-k opens your database.
  3. ctrl-v when highlighting an entry switches to your browser and enters username + password, starting in the field that was active (i.e. you must’ve clicked in the ‘username’ box).
  4. ctrl-c when highlighting an entry copies the password for you to paste into the required field. The password is cleared from memory after 10 seconds.
  5. ctrl-f searches your entries. Remember this one, it's vital once you get quite a few passwords.

This is what I usually do: I go to the website, ctrl-alt-a doesn’t work, so I press ctrl-alt-k (opens KeePass), then ctrl-f to search for the entry, e.g. typing ‘face’ to find Facebook, which is then highlighted. Then I press ctrl-v to paste all the info into the website. Play around, it’s very powerful!

Other tips

You can store other information as well. I have my passport details in there, including a scan of my passport. I also keep my wireless password, secret questions for websites + their answers, and many other things in there. There are also -tons- of plugins for KeePass - a helpful reader suggested syncing the database with Google Drive through the KPGoogleSync plugin. This will make your .kdb available anywhere with internet and provide a backup to your flash drive or hard disk at home.

In case you are unlucky after all and your Gmail gets hacked (after which they almost always clear all your emails…), make sure you’ve backed up your Gmail messages to your computer. Google offers some helpful tools that let you download all your data.
