Double the Security of Your Passwords

key review info
application features
  • Auto-Fill
  • (5 more, see all...)

A simple question: How many passwords do you keep? A friend of mine said that the number of passwords is exponentially smaller than the number of secrets it unlocks. True or not, the rapid development of the Internet compelled us to have at least two email accounts and if you are hyper-active with the Web 10 to 50 is closer to reality.

As having the same password for all accounts is out of the question, technology comes to the rescue by providing the necessary containers for storing all the sensitive data. The category of password managers is large and looking for a fine tool may result in a huge amount of time wasted until you find the solution that befits your needs.

Wrapped in a neat interface, KeePass is distinct from the traditional password managers on the market not only because it has been adapted to portable devices by John T. Haller but also because it offers flexibility in handling it, high security and it can store an unlimited number of items. KeePass creates a database that can be highly guarded by both a password and a key file. Of course, having both of them would constitute the best protection that can be applied to the database, but you can also have either one or the other form of security.

The first time you launch KeePass it'll ask you to choose one of the two methods of protection of the database. Be advised that using both a password and a key file exponentially increases the security. In the case of the password the moment you start typing the level of the security provided by the countersign will be measured. My advice to you: make it as green as possible.

For creating the file key there are two methods: either use your mouse as a random source of data (you just have to move it in a designated square) or type in some characters from which a random value is generated. Both methods end up in a hell of a file key that is essential to opening the database, so be careful where you store it.

The interface is nothing fancy, just a screen filled with options to allow you a better organization of the items to be inserted and lots of functionality for making it easier for you to type in usernames and passwords in the appropriate online fields.

All items can be organized in folders or groups that can be applied specific icons for easier identification. The downside is that there is no support for adding more icons and although the list is quite extensive (64 icons), it would be nice to be able to enrich it with your own. It does not matter how many groups you create or how many passwords you add as KeePass is perfectly able to store all of them. In fact it all depends on the space you have on the drive as the database is saved in a user defined location.

This means that you can create multiple databases protected by different passwords and key files. The trick is for you to be able to keep track of all of them. Databases themselves are also encrypted alternating AES 128/256-bit and Twofish 128/256-bit encryption algorithms.

Add Entry screen comes complete with fields for typing in the URL of the account, a section for appending a few notes about the account as well as a password generator to save you some time with finding a good, strong password.

The multitude of options available when an entry is selected is absolutely amazing. You don't even have to see the password in order to access the account it protects as KeePass makes available auto-type, a function that automatically fills web forms (default sequence is {Username}{TAB}{Password}{Enter} but it can be changed from KeePass.ini file). More than this, you can open the URLs directly from the application with a single click of the mouse or copy/paste username and password to clipboard (one at a time).

A very interesting feature KeePass makes available is attaching a file of any kind to an entry in the database. The attachment can be anything from a simple notepad text to an image or an audio file and it'll be stored and encrypted together with the database.

KeePass' functionality does not stop here as it can also deal with TANs - Transaction Authentication Numbers, i.e. numbers that can be used only once and then they expire. These are used by some banks for making more secure customers' transactions. In this case a special wizard is made available for the user where TANs can be stored. The moment you use one of them it'll automatically expire.

For making the KeePass environment as secure as possible, the developer added the possibility of auto-locking the software after a user-defined time has elapsed. The workspace can also be automatically locked the moment Windows is locked, when the current user is switched or when the window is minimized.

As the application can copy sensitive data to clipboard, for security reasons it can also remove it from there after a user-defined time in seconds. This makes sure that even if the data in the clipboard is not overwritten it will be purged anyway after some time.

A series of advanced options allow for more flexibility in handling the software, permitting the user to make settings like disabling all auto-type features, copying URLs to clipboard instead of launching them in the default browser, automatic saving of the database on exit and workspace locking, allowing a single instance of the KeePass, showing expired entries the moment the app is launched, etc.

KeePass makes for a hell of a password manager, being able to generate effective passwords and offering strong protection for the database sheltering the sensitive data by encrypting it alternately with AES and Twofish algorithms. Auto-fill features make it extremely easy to use even for the uninitiated user and with them it accentuates the futility of remembering passwords.

The Good

KeePass is absolutely free and portable as the settings never leave its folder. It comes with a huge amount of flexibility and ease of use as well as with a bunch of options unlikely to be met in other password manager.

The double protection for the database (password and keyfile) as well as the ability to work with multiple databases at once recommend it as one of the best password managers on the market.

Auto-fill feature is absolutely great, making the work of the user a whole lot easier. Also, it makes remembering passwords a task that can be eliminated altogether.

The Bad

I wish users could add their icons to represent the entries and the groups and having special fields for storing information on credit cards would also bring more value to the software.

The Truth

Easy handling, free of charge and offering strong protection for both the database as well as for opening it and a bundle of options for configuring it to your best liking, KeePass manages to set a standard few passwords managers dare to reach and contains features that not long ago were restricted to paid versions of such softwares.

Here are some snapshots of the application in action:

Review image

Review image

Review image

Review image

Review image

Review image

Review image

Review image

Review image

Review image

user interface 5
features 4
ease of use 5
pricing / value 5

final rating 5
Editor's review
NEXT REVIEW: Glary Utilities