Private-Mail Blog

If you’ve tried to sign up for anything anywhere online in the past six months, you’ve probably noticed that password requirements have become increasingly strict. Some websites have requirements that may even border on absurd. Hackers are smarter than they’ve ever been and more people than ever use the internet to share or work with secure information. We need to make sure those lines don’t cross. KeePass might prove to be the most valuable answer.

Password Mistakes People Make

Using an easy password like “password123” is just asking to get hacked. Many websites require a certain combination of uppercase letters, lowercase letters, symbols, and numbers. These are understandably a little harder to remember than your pet’s name and your street address. It’s much easier to remember just one of these complicated passwords, or to make the easiest possible version of such password. This still leaves you vulnerable to people guessing, or getting one password right and finding that it works for most of your accounts. If you happen to use the same password across many websites its just a matter of time before one of them leaks, compromising all of your accounts at once.

Mitigating Security Threats

You should use a different, difficult password for absolutely everything. Writing them all down or storing them in a file still leaves you vulnerable. It only takes one person to find a piece of paper or one cracked password to access everything you have stored. That’s where KeePass comes into play.

When you use a password manager like KeePass, you can create lengthy and impossible passwords that you’ll never need to write down and remember. Keeping a different password for everything makes you all the more secure – if someone is trying to steal your identity, they can’t log into your bank and your credit card statement with the same password.

KeePass is a safe and easy open source tool you can use to secure all of your unique passwords so you can log into everything. You only need to remember one password – the password to your KeePass database. KeePass does it all for you, and you’re safe without having to give it a second thought. It even comes in a portable version that you can place on a flash drive and take with you everywhere.

Using KeePass

KeePass comes in several versions – desktop, portable, Android, and iOS. You can use it on virtually any device that connects to the internet. Make sure you’re installing the one you need. Just download it, unzip it, and click on the KeePass.exe file to begin the installation process.

You will first be presented with a database login. You don’t have a password database yet, so close it. It will open up a blank database that you can start customizing. Click file, then click new, then click OK. It will automatically generate a blank database document ending in “.KDBX” – you can name the document whatever you choose.

You’re going to need to set a master password for KeePass. If you play your cards right, it’s the only password you’ll have to remember. Make it a really, really difficult one. KeePass will evaluate the security of your password based on its metrics.

Once your master password is in place, you can add your list of passwords to KeePass. It will ask you about printing an emergency sheet. Print that emergency sheet, write your KeePass password on it, and store it in a lockbox. If anything happens or you manage to forget the only password you’ll ever need to remember, you know how to retrieve it.

Building Your Database and Logging Into Things

Building the password database is easy. You can title your password (ideally, use the website it is for as the title to prevent mix ups), input your username, and input the password. If you want to update your passwords, KeePass also offers a secure password generator. Make sure you actually change your passwords to ascertain that your login information mirrors what you have stored in KeePass. If you need to see your password, you can click the three dots to the right of the password field.

When you need to use your password to log in, right click the password field and select “copy password”. Quickly paste it into the password field of the website you’re logging into. You have about 12 seconds to copy and paste it – if you wait too long, KeePass is going to wipe it from your clipboard’s memory.

Since Keepass stores your database of passwords in an encrypted container file, it’s also an ideal place to backup OpenPGP keys from PrivateMail. Simply copy/paste your OpenPGP keychain contents in the entry notes and click save. If you ever need to restore your OpenPGP keychain on another web browser or device, it’s easy to copy/paste this data securely right from Keepass.

Conclusion

KeePass is easy to use. You don’t have to jump through too many hoops to be safe. It simplifies your life by only requiring you to remember one hard password, instead of dozens of hard passwords or a few dangerously simple ones. You can keep yourself safe online and commit to lengthy and complicated passwords without much effort.