KeePassX, Cross Platform Password Manager

I bet I’m not the only one having to remember countless of passwords for a unknown number of different sites, mobile phones and all the stuff requiring the use of passwords. Today, passwords are used everywhere you look, face it, they won’t go away any time soon.

Another thing people just start to realise, passwords like “123456″, “qwerty” or “password” aren’t really secure and the convenience you gain using such simple ones stays in no relation to the risk they put yourself at.

So, what do you need? You need something to save your passwords, you need to know where this password belongs to, you need something to help you create secure passwords quickly.
In addition to that the software should be open source and being cross platform wouldn’t harm either.

And again, looking on Sourceforge was a pretty good idea. I found KeePassX, an application satisfying all my needs.

The download page features, besides the source code, distribution packages for Ubuntu, OpenSuse, Fedora just as a package for OSX and a zip file for Windows. I know that at least Ubuntu does offer an older release in its repositories but when it comes to security, I want to stay up-to-date.

After installing it you can find it in Applications -> Accessories -> KeePassX on your gnome-panel.

The first thing is to create a new database. The database will be the archive of you passwords, usernames, websites and so on. Databases can be protected by password, by a small key file or/and by both.

[singlepic=53,450,400,,center]

Next step is creating groups for the different kinds of passwords you want to same like forums, websites, svn, ftp-servers, games. Besides the name you can assign icons to those groups for better usability.

Now that you created at least one group you can create entries, those entries may contain title, username, url, password, expiration date, comment and an attachment. You can either come up with a password yourself, or use the built-in password generator. Come to speak of it, this password generator is really worth mentioning. Checkboxes enable you to choose which kind of characters you want to be used, like lower/upper case letters, numbers, special characters, spaces and underlines. You can define a list of characters to be used yourself as well. Let the randomness begine! ….wait, there’s another feature of the generator: The option “entropy collection” allows you to generate your own little randomness recording mouse movements and key strokes.

[singlepic=55,450,400,,center]

Once you saved the password you want be able to use them. KeePassX allows to view them, to copy them to your clipboard or to use a feature called “Perform Auto Type”, which types in your username and password on your page of choice.

[singlepic=54,450,400,,center]

You might also like

4 thoughts on “KeePassX, Cross Platform Password Manager

  1. Another option I’ve found and personally love is PwdHash:

    http://www.pwdhash.com

    The idea is that you can generate strong passwords by hashing together the domain name and a simple “master password”. This produces passwords that are unique to each domain, and you only need to actually remember/store your master password, generating your individual site passwords each time.

    There is a Firefox extension available, and I’ve also created a desktop front-end for Ubuntu. Check it out here:

    http://www.automaticable.com/2008-07-03/introducing-pwdhash-sharp-084/

  2. I just finished reading you blog post. This is indeed a very clever approach. I just got the firefox addon and will give it a try.

    Thanks for the lead.

  3. Nice article, I work for Vidoop so I am biased but I really like the password management solution we have at http://myVidoop.com

    It is a free browser plugin ( http://twurl.cc/2rj ) and it will store all your online passwords. You can store your passwords locally or online with myVidoop. If you store your passwords on myVidoop then they are accessible from anywhere.

    I keep a copy of FireFox portable on a thumb drive, along with the plugin installed and password file and have a completely portable solution that I can plug in anywhere. Once I am done I just unplug the drive and move on.

    If anyone found the drive they would still need to authenticate with the ImageShield on http://myVidoop.com and I could easily deactivate the portable browser…

    I would be interested to hear thoughts on how people think our password management solution stacks up against KeePassX, Roboform, n-Pass, etc.