Results 1 to 13 of 13
  1. #1
    5 Star Lounger
    Join Date
    Jan 2011
    Location
    Seattle, WA
    Posts
    1,070
    Thanks
    42
    Thanked 132 Times in 86 Posts

    Enhancing KeePass: Plugins and other tools




    BEST SOFTWARE


    Enhancing KeePass: Plugins and other tools


    By Lincoln Spector

    KeePass Password Safe might be the best solution for an open-source, free password manager. As with many open-source apps, a slew of add-on tools make KeePass more powerful and customizable than most competing products.

    The full text of this column is posted at windowssecrets.com/best-software/enhancing-keepass-plugins-and-other-tools/ (paid content, opens in a new window/tab).

    Columnists typically cannot reply to comments here, but do incorporate the best tips into future columns.

  2. #2
    New Lounger
    Join Date
    Feb 2003
    Location
    Auckland, New Zealand
    Posts
    9
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Enjoyed the article. Any recommendations for Windows Phone 8 that auto-syncs through SkyDrive to Windows 8.1?

  3. #3
    Lounger
    Join Date
    May 2011
    Location
    Vancouver, WA
    Posts
    30
    Thanks
    6
    Thanked 4 Times in 3 Posts
    I use 7Pass. It works pretty well on myWP8 using SkyDrive. Like MiniKeePass for iOS, I try to think of it as a read only, although I have had some success with updates.

  4. #4
    Lounger
    Join Date
    May 2011
    Location
    Vancouver, WA
    Posts
    30
    Thanks
    6
    Thanked 4 Times in 3 Posts
    Look at the KeeForm add in to work with most browsers and fill in id/password fields. It is not perfect but I've found it good enough for most sites. Of course there are those that use two screens now so you have to put things in one at a time. KeePass has some neat ways to handle that with multi-key presses.

    I've been using the KeePass portable version on Win7, Vista and Win 8 for some time now. For the Windows devices, I synchronize my KeePass folder across devices so all of my addins and most recent program version are the same. It has worked pretty well with SkyDrive, Cubby and now BitTorrent Sync.

  5. #5
    New Lounger
    Join Date
    Dec 2009
    Location
    Painesville, OH
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    Good article. I've been using Keepass on my Win and Android systems for a year and sync through Evernote with the KeePass file as an attachment to a note. Works great. Using KeePassDroid

  6. #6
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    I don't know about anyone else but the statement that with Keepass being Open Source, anyone can code addons for it makes me nervous. I can just see someone coding an addon that steals user IDs and passwords.

    Jerry

  7. #7
    Lounger jpl's Avatar
    Join Date
    Jun 2002
    Location
    England
    Posts
    45
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Keepass2Android

    When I bought my first smartphone late last year, I too came to the conclusion that Keepass2Android (KP2A) would be my best bet for password management on Android.

    My main password manager is not KeePass. I use KeePass on my Windows PC only for the small (<10%) subset of my passwords that I need on the smartphone. KeePass is configured to use a database "in the cloud", which is therefore accessible from the smartphone. KP2A works very well with a db in the cloud.

    However, I do at the moment use the QuickUnlock feature, mainly because I find typing a complex character set so awkward on a touch screen. Even with QuickUnlock, the full password must be used each time the app is run; if it is then left running, KP2A times out after 5 minutes and the the quick unlock is required for each subsequent access (i.e. each time you actually use a password). But the first time an incorrect quick password is entered, KP2A immediately reverts to requiring the full password. I think this is good enough for my current usage.

    JPL

  8. #8
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,176
    Thanks
    47
    Thanked 982 Times in 912 Posts
    I can just see someone coding an addon that steals user IDs and passwords.
    That is always possible but it's much easier to copy the database file and log the master password keystrokes.

    cheers, Paul

  9. #9
    5 Star Lounger
    Join Date
    Jan 2002
    Location
    Midlothian, Virginia, USA
    Posts
    874
    Thanks
    0
    Thanked 2 Times in 1 Post
    After reading the articles about KeePass I am very puzzled why Lincoln chose it over LastPass? I have been using LastPass for a few months and it seems to be much better at each thing that Lincoln discussed! It does keep itself synced between windows and android applications and it appears to me that it does everything that KeePass can do without any of the limitations or addons that were discussed. Fred Langa recently discussed the security of the online LastPass database and that sounds as secure as is possible in today's environment. There are some failures to login successfullly on fairly rare occasions just like KeePass but overall LastPass seems to be much superior to KeePass.

    I would be interested in hearing what I have missunderstood about the differences in these two password managers.

    Bill

  10. #10
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,176
    Thanks
    47
    Thanked 982 Times in 912 Posts
    I'd say it's personal preference. KeePass is a local store, LastPass is a cloud store, KeePass is extremely user configurable, LastPass is easier to use. Both do what you require and either should be on everybody's computer.

    cheers, Paul

  11. #11
    5 Star Lounger
    Join Date
    Jan 2002
    Location
    Midlothian, Virginia, USA
    Posts
    874
    Thanks
    0
    Thanked 2 Times in 1 Post
    Thanks Paul. There is certainly a lot of personal preferance involved in a choice like this. I was hoping that Lincoln would jump in and explain what he likes about KeePass over LastPass.

    Just for the record, LastPass does maintain a local copy of the database as well as using an online version and it automatically keeps those copies synced.

    Thanks for your comments.
    Bill

  12. #12
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,746
    Thanks
    171
    Thanked 649 Times in 572 Posts
    Quote Originally Posted by BillWilson View Post
    After reading the articles about KeePass I am very puzzled why Lincoln chose it over LastPass?

    I would be interested in hearing what I have missunderstood about the differences in these two password managers.
    KeePass is open-source and LastPass is not.

    He explained the advantage at length in the third section of Part 1; Why an open-source password manager?

    E.G.: "Suppose a password manager has a flaw that would let hackers crack the app’s encryption, or there’s an intentional back door. Sooner or later, the weakness will be exploited — potentially giving a hacker, a disgruntled former employee, or the NSA access to all stored passwords. It’s a good bet that this person won’t have your best interests in mind.

    With open-source software, there can be many programmers looking through the code. And many of those programmers want to make the app better and safer. Any vulnerabilities — or back doors — in an open-source application don’t go unnoticed for long. They’re quickly reported and just as quickly fixed."


    Bruce

  13. #13
    Lounger
    Join Date
    May 2011
    Location
    Vancouver, WA
    Posts
    30
    Thanks
    6
    Thanked 4 Times in 3 Posts
    Quote Originally Posted by BillWilson View Post
    After reading the articles about KeePass I am very puzzled why Lincoln chose it over LastPass? <snip> I would be interested in hearing what I have missunderstood about the differences in these two password managers.

    Bill
    The most complete comparison I've read is here: http://gizmodo.com/lastpass-vs-keepa...d-m-1452918307. Personally, I REALLY like having my password database fully under my control. If or where it resides in the cloud is up to me. I often access it when there is no connectivity on one or another device because I have a robust synchronization plan in place. And I just hate paying an annual fee for something that I can manage to do for free! I wouldn't want to open my browser to retrieve the alarm code before I open the door - I have enough of these codes for customer sites that I have to manage them somehow. And so on...

    For those who want an easy vendor provided solution, I think LastPass is great.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •