Times have changed. Passwords are now seldom written down on paper and kept in the wallet or under a stack of books. Of course, this is valid for those exquisite individuals who use different passwords on their accounts. I know that most of you use the same six-character password for everything, but believe me, you will need to upgrade your security level eventually. Coming back to what I was saying: with browsers now offering to host your accounts and passwords, people tend to forgo saving them elsewhere. As browser syncing is now a thing, your accounts are more accessible than ever.
Do you really want that though? I often asked myself whether storing all my account data in the cloud was a good idea. KeePass proposes that you come back down to earth and put your account data into a local encrypted file, accessible only with a master password. Indeed, there are online services that do just that, but with KeePass you have the luxury of knowing that your sensitive information never goes into an external repository.
KeePass creates kdbx database files. These files store an unlimited number of account entries under a master password, which can be as fancy as you desire. In such a database you save accounts under different categories (for convenience).
Using the stored passwords is arguably more difficult than having them stored in your favorite browser. You can input your account and password in several ways. The quickest and most elegant is the Auto-Type feature. You simply need to have the Account text box selected in your browser and then press Ctrl+V while the correct account is selected in the KeePass application. Sounds complicated, I know, but you need to make some sacrifices for optimal security, don't you?
On the bright side, KeePass lets you generate custom passwords that have a high degree of complexity directly into the account entries. This means you can quickly adopt or change passwords. With the expire function you may set a limited "life" to each of your passwords, reminding you to change them as you deem appropriate.
Of course, having somebody browse through your running KeePass is exactly like them looking through your Firefox accounts page. That's why, with a simple click of a button, KeePass will lock up, and only your master password will get you back to your data. Not only that, but you can augment the password verification with a key file. For example, even if somebody did get access to your password, without the special file that you so intelligently keep on your keychain USB drive, your data will still be safe.
KeePass has many more advanced features that can be used to enhance usability, but I'm not being paid enough to go through them.
- Alternative compilable release
- Password generation
- Synchronization (changes made on different database copies can be synchronized)
- High level of entry customization
- More stuff that dilettantes can't comprehend or don't need.
I personally don't feel that threatened that I should move my passwords to a local encrypted file. That is a risk that I'm willing to take. However, for someone with really important online credentials, KeePass is a very useful option. And free!