Password management with KeePass

Every computer and internet user needs passwords on a regular basis. It is very unwise to use one or only a small number of passwords for all these accounts. A short, easy-to-remember password is also not a good choice. But you can soon lose sight of the wood for the trees and it becomes increasingly difficult to remember a growing number of long passwords. A password vault offers a solution for this problem. We explain how to set up and use the free KeePass password safe.

After a certain number of passwords, you can no longer remember them all, especially when it comes to long, complicated passwords. Instead, enter all your passwords into KeePass, which stores them in an encrypted file. This file, the password vault, is encrypted with a master password. So you only need to remember one password, with which you can unlock all your other passwords.

To keep an overview, you can organize your passwords into groups, such as websites, e-mail, internet banking and so on, so that you don't always have to scroll through a long list of passwords. When you have found the required password, you can simply have it entered - by dragging and dropping - into the password field in your browser or another program.

You can move or back up the database containing your passwords to another computer at any time. In short, you just need to pay attention to this file so as not to lose your passwords. In addition, KeePass can export the file to all kinds of formats and can also import password files in about twenty formats so that you are not glued to KeePass forever. Instead of making up your own passwords, you can let KeePass automatically generate a strong password whenever you need a new one. Since you no longer have to remember your passwords thanks to KeePass, you can make them much more complex. KeePass has a lot of advanced options to manage your passwords, in this course we'll show you how to work with it.

Use KeePass to keep your passwords in a safe place.

A good password?

A good password cannot be guessed by anyone else. So it is not allowed to name or date of birth of you, your partner, children or pets, your favorite music group or football team and so on. Ideally, a password is a random sequence of characters, a mix of uppercase, lowercase, numbers, punctuation, and other special characters. Always make a password as long as possible, but short enough to remember. For example, an eight-character password isn't long enough. After all, there is software that tests all possible passwords up to a certain length. If your password is not that long, the number of possibilities for current computers is limited enough to be able to crack your password in a relatively short time. Twelve characters is actually the minimum and for the master password of KeePass we recommend even more, say twenty. When you enter a password in KeePass, the quality (strength) of the password is shown in bits: 64 bits is an absolute minimum, and the passwords that KeePass automatically generates have a quality of more than 100 bits.

1. Get started

For this course we use the Professional Edition of KeePass. Go to KeePass.info, click on the left Downloads and choose Portable KeePass 2.18 (ZIP Package) - or a newer version if available. Extract the file to a location of your choice. Then click on the left translations and click behind English on [2.x]. Extract the zip file and copy the file Nederlands.lngx to the folder where you put KeePass. Start KeePass and choose from the menu View / Change Language as language English and restart KeePass, after which you will see everything in Dutch.

KeePass on Mac OS X and Linux

Officially, KeePass only supports Windows, but the program is open source, so anyone can compile the source code on other operating systems as well. As a result, there are also unofficial versions for Mac OS X and Linux. You must first install Mono version 2.6 or higher and then follow the instructions for your Linux distribution or download the Mac OS X version on KeePass. There is also KeePassX, a KeePass clone that runs on Windows, Linux and Mac OS X and can be installed in many Linux distributions directly from the package manager.

On the KeePass website you will find several versions for systems other than Windows.

Portable KeePass

In this course we use the portable version of KeePass, which you do not install. You take this version with you on a USB stick and you can start the program on any computer. Simply download the zip file from KeePass and extract all files onto the USB stick. Updating is just as easy: just copy all the new files over the old ones. Portable KeePass keeps all the settings on the USB stick itself, so you can keep your custom settings wherever you are, whatever computer you run the program on. And of course that also applies to your passwords: the password file is on the USB stick, so that you have all your passwords at hand wherever you are. If you often work on different computers on which you have to enter a lot of passwords, it is therefore worthwhile to create a USB stick with Portable KeePass and to store all your passwords in it.

2. Create database

You must now first create a new password database, in which all your passwords are stored. Click on File / New. First choose the location of your database. The window that appears next will ask you for a master password or a key file. To get started, just choose a master password. Since all your passwords are encrypted with this password, it is very important that this master password is strong (see also the box 'A good password?'). After all, someone who can guess or crack this master password because it's too short or too simple will get access to all of your passwords. However, don't exaggerate: you must be able to remember this password, because if you forget it, you will lose all your passwords!

So type in your master password and repeat it, click OK and then again OK (we'll leave the database settings at their default values for now). You will be presented with the main KeePass window, with the different groups of passwords on the left and the passwords in the selected group on the right. KeePass already creates a number of default groups, but you can delete them and create your own groups yourself.