Help Needed With KeePass

Discussion in 'privacy technology' started by TomAZ, Nov 2, 2014.

  1. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,004
    Location:
    USA
    Just downloaded KeePass to give it a try, but not really sure I understand out how it works.

    Do you have to add every login item manually -- or is there a way to add an entry to the KeePass database as you login to an account for the first time?

    And how/where does KeePass show up in your browser (or doesn't it)??
     
  2. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    KeePass 2.28 and not KeepassX or something, right? Just so I'm sure I'm giving you the right directions. I've been using Keepass for around 6 years now, love it.

    I think you can only add them manually to your database. So get some folders made to make organizing easier (Forums, Shopping, etc). Then just right click and add entry.

    So for an example I'll make one for a Wilders account:

    Title: TEST
    Username: Fakeusername

    Now Password, this is the big one. Click on "Generate a Password" then you'll see a menu. I just go "Open Password Generator". Then you can choose what characters you want and how long you want it. Of course this is dictated by what the password is for (different sites have different lenghts and characters they'll accept).

    Of course if you already have a password, then just enter in there.

    No, but there's an auto-type function and copy/paste.
     
  3. TomAZ

    TomAZ Registered Member

    Joined:
    Feb 27, 2010
    Posts:
    1,004
    Location:
    USA
    Yep, KeePass 2. Actually, I've been using LastPass, which I really like, but thought I'd check this out for my daughter.

    From what I've seen and from what you've said, it doesn't seem quite as "automated" as LastPass. Probably a very good password manager, but it looks like it might be a little more cumbersome and user intensive than LastPass.
     
  4. KeyPer4Life

    KeyPer4Life Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    974
    As mentioned KeePass has an auto-type function (global hot key set to Ctrl+Alt+A)
    When you want to login to a website you would click in the user name field and press
    Ctrl+Alt+A. KeePass enters the user name and password for you. Of course you would
    have to add the user name and password to KeePass database and then run KeePass.
     
  5. Veeshush

    Veeshush Registered Member

    Joined:
    Mar 16, 2014
    Posts:
    643
    You get used to it after a while and it becomes second nature. Personally, I like it over LastPass because it gives me full control of where my passwords are stored, and I can back them up myself.

    Another one to check out if you're interested is: https://prism-break.org/en/projects/password-safe/

    End of the day, obviously use whatever you're more comfortable with and gets the job done.
     
  6. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    KeePass user here for the last 3+ years.
    I wanted to give you a heads up... as a new user, you may very well overlook this.

    When you are creating a new entry (in the Add Entry dialog), on the Auto-Type tab, make sure that you select the box at the bottom of the dialog that is labeled, 'Two-channel auto-type obfuscation'. In my opinion, it should be selected by default. It is an awesome feature that adds a lot to the program's strength.

    Read more about it TCATO here.
     
  7. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,150
    Location:
    UK
    Yes, that's really great functionality. I've also added Zemana Antilogger to my main host to attempt to reduce these attacks, I believe that does similar obfuscation and clipboard vulnerability reduction.

    Does KeePass also support Secure Desktop for password entry? (makes keystroke logging harder) - one of the desktop password managers does use it, can't remember which. Ah - I see it is KeePass, it does support this and other good features as described here:

    http://keepass.info/help/base/security.html#secdesktop

    "Almost no keylogger works on a secure desktop"

    I use Password Safe 3.33 (similar to KeePass but Linux support was still beta last I looked) because of its two factor authentication support (using the Yubikey HMAC-SHA1 ability) - basically, this makes it far more resistant to keystroke logging because a second factor in authentication is required.

    If you wanted to read a somewhat dated analysis of the security of the password managers' databases, this gives a good overview:

    http://www.6nelweb.com/bio/papers/pwvault-ESORICS12-ext.pdf

    Both KeePass and Password Safe did well in these tests, like I say, this was from a few years back. Incidentally, I also use LastPass for web oriented stuff (with 2FA as well) - because it's so easy to use the system, and I'm quite comfortable with its security for run-of-the-mill stuff. For passwords which are not web oriented or I want to keep local, I use Password Safe.

    Hope that hasn't confused! I'm not trying to unsettle you from KeePass which is one of the better choices I think.
     
  8. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    I am still using KP Version 1.26 - what special features do I miss compared to V 2?
     
  9. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    "KeePass currently is available in two different editions: 1.x and 2.x. They are fundamentally different (2.x is not based on 1.x). They mainly differ in portability and functionality."
    Edition Comparison
     
  10. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,150
    Location:
    UK
    I also note from that comparison that Keepass 2 does support OTP with a plugin - so that for example, a suitably configured Yubikey could act as a second factor using OAUTH-HOTP. Regrettably this is not compatible with the OTP that LastPass uses so I'd be wanting a second Yubikey to do this.

    Here's the information from the Yubikey site:

    https://www.yubico.com/applications/password-management/consumer/keepass/
     
  11. blainefry

    blainefry Registered Member

    Joined:
    Jan 25, 2014
    Posts:
    165
Loading...