Custom Search
 


Free Password Manager KeePass - a feature rich, free, very secure, and easy-to-use


Inside This Article
1Introduce Free Password Manager - KeePass
2Beef up your security with a key file
3How to back up KeePass
4Use KeeForm to log into a secure website automatically
   
5Use Auto-Type to log in a web page automatically
6Use On-Screen Keyboard with KeePass
7Open URLs in different web browsers
8. How to use KeePass in a more secure way

How to use KeePass in a more secure way



On this page, we will talk about how to use some of the advanced features in KeePass that can be used to combat sophisticated keyloggers (spy software) such as those with clipboard memory dump, screen capture, mouse clicks capture, or other capacities.

Note that no security is 100% bulletproof. Choose carefully the ones that best suit your needs.

1. Use Enhanced clipboard method.

In KeePass main window, click menu bar on the top Tools -> Options. When the Options window opens, click Memory tab.

Open KeePass Options.

Enhanced: pasting only once.

There are two clipboard behaviors to choose from: Timed and Enhanced.

You should choose "Enhanced: allow pasting only once and protect against clipboard spies."

Note: KeePass The Enhanced behavior may not work correctly on some systems, especially if any clipboard enhancing tools or something like that are used. If you notice any problems with this enhanced method, KeePass recommends that you switch back to Timed method.

2. Disable unsafe operations.

In KeePass main window, click menu item Tools -> Options. When the Options window opens, click Security tab.

Find the checkbox "Disable unsafe (security-critical) operations like exports, etc." and check it.

Configure KeePass: disable unsafe operations and use secure password edit controls.

3. Use more secure password edit controls.

In KeePass main window, click menu item Tools -> Options.

When the Options window is opened, click Security tab. Find the checkbox "Use more secure password edit controls" and check it. See screenshot above.

KeePass was the first password manager featuring more secure edit controls. The edit controls used in KeePass are resistant to password revealers and password control spies. Additionally, the entered passwords are protected against memory dumping attacks: the passwords aren't even visible in the process memory space of KeePass!

If you want to know more about how it works internally, read the following article by Dominik Reichl (the KeePass author) about secure edit controls: CSecureEditEx - A More Secure Edit Control

4. Always let KeePass generate random password for you.

In KeePass main window, click menu item Tools -> Options. When the Options window is opened, click Advanced tab. Find the checkbox "Automatically generate random password" and check it.

Enable KeePass to automatically generate random password.

When you create a new password entry, KeePass automatically fills the Password field with a random password of 20 characters in length by default. The default character sets used to generate the password are

  • Upper-case (A, B, C, ...)
  • Upper-case (a, b, c, ...)
  • Digits (0, 1, 2, 3...)

There are 6 other character sets to use. Do use them if the site or application you create the password for allows them.

You can overwrite the auto-generated password by using the Password Generator that comes with KeePass. Click the Gen button next to Repeat Password field to bring up the Password Generator.

Make sure that the password you generated is at least 8 characters in length. Actually, the longer the better if no length limit for the password is enforced.

If there is no requirement about what characters you can use for the password, always mix some non-alphanumeric characters in it.


Manually generate random password.

5. Use master password and key file combination.

KeePass supports combining the two locking methods - master password and key-file. KeePass database can be locked using a master password and a key-file. If you lose one of them, you cannot unlock/open your database. On the other hand, if someone steals your key-disk (which contains key-file) and password database, the database is still secure because the attacker doesn't know your master password.

6. Use KeeForm to fill a web form.

KeeForm is a KeePass form filler utility.

KeeForm is designed to simplify the process when you log into an online application such as Hotmail or standalone application such as Yahoo Messenger. After you set up KeeForm correctly, what you need to do when log into a site is just double click the URL field in KeePass. Then KeeForm will take you thru the following process automatically:

  1. Open Internet Explorer.
  2. Open the login web page.
  3. Fill out the Username and Password field.
  4. Click the Submit or Login button for you.

Keeform is keylogger safe.

7. Open URL in Mozilla Firefox instead of Internet Explorer.

For security reasons, some people trust Mozilla Firefox more than Internet Explorer. If Firefox is not your default browser, you can still get KeePass to open a URL in Firefox automatically. Refer to article Open URL in different web browsers for more information.

8. Use Auto-Type.

KeePass features an "Auto-Type" functionality. This feature allows you to define a sequence of keypresses, which KeePass can automatically perform for you. The simulated keypresses can be sent to any other currently open window of your choice (browser windows, login dialogs, ...).

9. Use On-Screen Keyboard (OSK).

On-Screen Keyboard can be used to enter master password and other information for a password entry. Here the purpose of using On-Screen Keyboard is to avoid keystrokes that can be tracked by keyloggers. However, with the availability of KeeForm or other excellent ways to combat keyloggers, I don't see the usefulness of using on-screen keyboard on your own computer as it's quite cumbersome to use.

At times you may want to use it when you use public computers in library, hotel, or internet cafe.


Copyright© GeeksEngine.com




Inside This Article
1Introduce Free Password Manager - KeePass
2Beef up your security with a key file
3How to back up KeePass
4Use KeeForm to log into a secure website automatically
   
5Use Auto-Type to log in a web page automatically
6Use On-Screen Keyboard with KeePass
7Open URLs in different web browsers
8. How to use KeePass in a more secure way
Related Articles:

1.Introduce Free Password Manager - KeePass


Other Recent Articles from the Safe Computing category:

1.Choose Good Passwords That You Can't Remember
2.Protect files and folders with file container
3.A MD5 checksum file generated by freeware FileCheckMD5
4.How to check data integrity for copying files / folders and CD burning
5.What is checksum and how to calculate and use checksum values to verify data and file integrity
6.What is index.dat file and how your internet privacy is affected
7.What is keylogger and the differences between software and hardware keylogger
8.Protect Your Computer On the Internet For Free with Six Simple but Essential Steps
9.Introduce Free Password Manager - KeePass
10.Introduce Free Password Manager - Password Safe
11.Do you manage your username and password wisely?

Copyright © 2017 GeeksEngine.com. All Rights Reserved.

This website is hosted by HostGator.

No portion may be reproduced without my written permission. Software and hardware names mentioned on this site are registered trademarks of their respective companies. Should any right be infringed, it is totally unintentional. Drop me an email and I will promptly and gladly rectify it.

 
Home | Feedback | Terms of Use | Privacy Policy