Keepass – Keep Your Passwords Safe, Strong and Secure

Keepass Password Manager Review

Keepass is a simple, fast and light weight Password Manager.  Using this software allows you to keep track of all of your different passwords in one secure and encrypted database.

Keepass Main Screen
http://keepass.info

The program gives you the possibility of using a different password for every online account you have.  This is totally recommended as it is a terrible idea to use the same password for everything.  Especially if it is a simple one.

If a person with ill intentions figures out your one password they can then use it to try to log into countless online website and gain access to things like your email, bank, online member websites like Wealthy Affiliate, anything that uses that password.  Without a password manager it can be very difficult to keep track and remember all of your passwords.

Create A New Keepass Database & Keep It In Sync

When you first install Keepass you simply create a new database and set up a very strong master password.  This is the password that will unlock your encrypted database.  Be sure it is very strong and includes upper and lower case alphanumeric characters as well as symbols.

If you have a single computer you can save the database file anywhere on your hard drive where you will be able to find it.  For users with multiple devices I would suggest saving your database file to a syncing location.

For myself I use SpiderOak.  SpiderOak is a Zero-Knowledge encrypted online backup solution that includes a Sync Folder called the SpiderOak Hive.  I save my Keepass database file to my SpiderOak Hive.  From there it syncs to all of my other devices that I have SpiderOak installed onto.

Keepass Passwords Should Be Complex and Unique

Adding Entry to Keepass
http://keepass.info

Each password you create for any web site’s login should be complex and unique.  This is so simple with Keepass.  Just add a new entry for each website and use the password generator to come up with long and complex passwords.

I usually set the Keepass password generator to the maximum length that the site allows.   I also try to include all types of characters that the site allows as well.   Not every site accepts special characters and spaces so that is one thing to look out for.

Keepass iPhone Setup

Since Keepass does not make versions directly for mobile operating systems like Android and iOS, there are very many third party apps that integrate accessing Keepass from these devices.

For and iPhone or iPad running iOS there is MiniKeePass.  It’s a simple and free app that can be easily installed from the App Store.  Once the installation has completed open the app and open the Keepass database file.  It will prompt you for the master password.  Once that has been entered all of your passwords will be available on your device.

Keepass Master Password

This goes for any of the password managers that are out there.  Now this is important — this is the one password you do not want to forget.  Forgetting this password will result in losing access to all of the contents of your Keepass database.

Keepass Master Key
http://keepass.info

You need a long and strong Master Password that you can remember and again it should include alphanumeric characters as well as special characters.  Use a phrase to help you remember the password.

If you do decide to write it down somewhere be sure it is kept in a safe or something very secure since it controls access to all of your other passwords.

A bad example of a master password:  jennifer1986 or p@ssw0rd, or abc123 or 123456789101112 or thisisnotastrongpassword, etc…

A good example of a master password: Kn5in!38bAf@V1n#37IJh1kjk1! or Fix2@Door3!Today4

A good password has some kind of randomness to it but also a mix of upper and lower case and special characters.  It should also be more than 15 characters.

Keepass Password Safe Professional

There are two versions of Keepass available.   The first version which is known as Classic Edition.   The modern version is known as Professional Edition.  Both do the job but from my personal experience I only use the Professional Edition.  It seems to sync great between the different devices I have running different third part programs.

On my Mac running OS X 10.11.x I use KeePassX
On my Windows machine I run the Keepass Password Safe Professional that they provide.
On my iPad I use MiniKeePass.
On my Android phone I use KeePassDroid.

On my Windows PC I use Firefox as my main web browser so I’ve installed the KeeFox plugin which integrates very nicely with Keepass allowing new entries to be created from within Firefox, auto population of login credentials and updating passwords.  It also includes a password generator available right from within Firefox.  Anything other than Firefox I just copy and paste my passwords in.

One of the very great things about Keepass over other proprietary password managers is that it is built using the Open Source model.   This is great because any security expert or home grown computer guru in the world can download and review the source code and be sure things like cryptography and other security measures are implemented properly.  They can review the code for bugs as well and participate in correcting them.

Keepass Dropbox

Besides using the SpiderOak Hive solution for syncing your Keepass database file you may want to just use your Dropbox account.  Considering the Keepass database is already encrypted it is OK to use Dropbox if you have a very strong master password.

The one thing I like better about SpiderOak is their Zero-knowledge approach to storing files.   With SpiderOak Hive any file you put there will be encrypted locally again before it is transmitted to their data center.  For me I don’t mind using Dropbox for sharing certain things easily with others.  Personally, I just like a more secure solution for my password database.

Try It Out

Thanks for reviewing my brief summary of Keepass Password Safe Professional.  If you need better password management and to update your passwords to be unique for each account and website you have this is something which can be put to use today towards you online business success.

If you have any comments or questions please feel free to leave them below and I will be sure to get back to you.

10 Comments

 Add your comment
  1. Great Article and tips. You are very correct on the need to have strong and complex passwords. Keepass seems like a great tool to help keep track of all the separate passwords we need today.

    Another great way to create a strong password is to use a phrase you know and incorporate upper case, lower case, numerals as well as special characters.

    In stead of using the phrase (Iliketojumprope) use (1L!ke2JumpRope).

    Utilizing this approach increases the number of possible passwords a hacker or computer program would have to guess in order to come up with the right combination to hack into your account.

    • Hi John,

      That is absolutely the right idea. Familiar phrases will certainly make it easier to remember your secure passwords.

      Keeping it secure as possible is a must these days.

      Thanks,

      Marcel

  2. Excellent article about setting up and saving multiple passwords.

    I find it does get tough keeping track of all the different passwords and especially when you start to change some of the different passwords.

    To have them in an encrypted database makes a lot of sense compared to having them written down which gets confusing as you make changes.

    This program seems like the perfect answer!

    • Hi Travis,

      I’m a big fan of encrypting any personal files that end up online or in the cloud to help with your security – if it’s a file that has anything to do with personal information.

      I’ve used a number of password managers over the years and I’m happiest with Keepass Password Safe Professional so far.

      Cheers,

      Marcel

  3. Hi Marc,

    Having a smart tool to keep track of all your online business accounts these days is important. Keepass sounds like a good solution but some people may not want to install additional software on their computers.

    I use LastPass and it’s easy as it stores via web application – look under Chrome extension. The free plan is quite basic but it’s good enough for new business owners. Have you tried it yourself? Worth checking out.

    • Hi Cathy,

      True LastPass is another good alternative. I am an ex-LastPass user myself. I enjoyed using it for a number of years. Their security level has greatly increased from what I read after their Mid 2015 security breach they experienced.

      Any company is susceptible to a breach though these days so security first mind set is a must.

      This is one of the main reasons why a person like me really appreciates having control over where the password database is stored in the “cloud” / online.

      But LastPass is still a great choice and is easy to use.

      Cheers,

      Marcel

  4. Wow, I didn’t even know that there is any such tool available like Keepass. Sometimes I forget my passwords as there are so many for different accounts, this tool is definitely going to be handy for me and anyone who uses multiple passwords. Is this tool free or I have to pay any fees to use it?

    • Hey Lilg06,

      Keepass is open source and free to use. For syncing their Keepass Password Database across multiple devices some people use Dropbox if they already have it. Personally I use SpiderOak. They offer a free trial for 60 days but after that I believe there is a fee. That may be another reason why some use Dropbox.

      Cheers,

      Marcel

  5. I saw the example of a good password and theres no way I can remember that. Haha. But anyhow, it is good uou wrote about this. I have numerous sites and online bank accounts as well that i already get confused which passwords and user ids goes to this and that. I always end up resetting my password.
    I have a concern regarding this keep pass. How credible are they? I feel that its trustworthy but at the same time i am also worried about hackers being able to penetrate their site.

    • Hi Raymond,

      In the bigger picture there is always some level of risk when using any computer software.

      In my opinion I would trust Keepass more because it is open source and all of their code and security measures are available for any security/programming expert to review. Anyone is able to review the code and confirm that it is programmed properly and using proper cryptography.

      I wouldn’t be worried about a hacker penetrating their site any more than other sites that get attacked. For example in Mid 2015 LastPass, another different but great password manager, had a security breach. They made corrections and worked with security experts to solve their problem fast as possible and the end result was a more secure system that they currently have.

      Same would be for Keepass if something like that happened. The only difference, which makes me more comfortable with Keepass, is that my password database is not stored on their servers. It is stored where I decide to put it whether it is a Zero-knowledge encrypted cloud service like SpiderOak, Dropbox, a USB stick, mobile phone, etc…

      I think using any password manger that has a good reputation like Keepass or LastPass is better than

      1) same password used for multiple accounts
      2) passwords in an excel file in a windows folder or shared network location
      3) passwords on sticky notes
      4) emailing passwords around – any emailed password should be considered compromised and changed immediately as e-mail body generally always sends in plain text

      At this time I would say I’m comfortable with it. Being open source it is people like you and me (or those of us who know how to program) that make it.

      Cheers,

      Marcel

Leave a Reply