All this online activity across a multitude of sites and services brings with it the issue of what to do with all those logins you are collecting along the way? Initially you may get away with just remembering the username and password for a single site or a small number of sites, but there comes a time when that is no longer a viable system, even more so as the old memory starts to fade with advancing age! A common “solution” to this problem is simply to use the exact same username and/or password on every site so you only have to remember one.. this does of course make life easier for you, there is no arguing with that. However it also makes life considerably easier for certain devious people with nefarious plans to ruin your day – they only need to guess or otherwise acquire your login for one site and they have access to ALL your sites which is clearly not a good thing!
Fortunately there is a better and much more secure alternative – use completely different logins everywhere and use a password management application to store them all so you no longer have to remember anything other that the password to decrypt your password management database on your computer.
This is where KeePass comes in and saves the day. KeePass is another type of security tool which is pretty much essential these days, not just to those people working in the IT or MSP industry but for everyone online. Using KeePass you can store ALL your (very different!) logins including usernames, passwords, urls, comments and more, in a securely encrypted file on your computer.
Using KeePass is very simple – you create a new database (file) to store your login data and choose a password for that – you have to remember this one password otherwise you will be doomed when all your logins for everything else are locked away forever with pretty much unbreakable encryption! Alternatively yo could use a key instead of a password which saves having to remember anything other than where the key is actually located.
Then you just add new entries for each of your logins. You can add all sorts of additional data to go along with the basic username/password, so it becomes a very convenient database for all your online destinations. The app will allow you to enter any password you want but will also indicate the ‘quality’ (ie. how safe it is) to help you.
You can also use the built-in password generator which can (if you let it) produce extremely secure passwords of the type nobody could ever remember, let alone guess, and which is after all one of the main reasons to use such an app. The “if you let it” bit means that you should let it select from special characters and the various other character sets it offers and also choose a suitable secure length for the password – the longer the better.. there will be exceptions though as some sites or services wont allow special characters in passwords or restrict the length so you will have to modify the password generator settings for such cases. (or tell them to fix their poor security policies.
Another useful feature of KeePass is that there are versions available for many platforms including Linux, Mac, iPhone, Android as well as Windows of course. This means you can copy your encrypted password file to your smartphone and have safe access to all your logins wherever you are. Another handy feature is the ability to sync the password file so that you can maintain a central pass file which all your devices sync with to save you the job of manually copying it around everywhere. There’s also a large number of plugins which extend the built-in functionality even further.
KeePass is a great security application which is simple to use, open source and also completely free so you have no more excuses to not be securing all your logins from now on – it’s finally time you retired that faithful old ‘12345’ password!