How to Use KeePass to Store Password and Other Sensitive Information

KeePass, along with KeePassX and KeePass Portible, is software that safely and securly stores username and password information. One big advantage of KeePass over lots of other methods of storing passwords is the ability to setup groups and subgroups of passwords along with keeping your password database encrypted using AES or Twofish encryption algorithms. So lets get started by going through how to set up and use a database as well as some useful options in the program.

First, you'll Obviously need to download and install a version of KeePass. There's KeePass for Windows, KeePassX for Mac and Linux and KeePass Portable a windows version installable on removable media to take with you wherever you go. All of the versions can use the same database so that way you can keep one version of your database and use it between all types of computers. Next, After installation we need to create a new database, do this by clicking the "New" button in the toolbar, under the file menu, or by pressing CTRL+N.

Third, you are prompted to set the master password and optionally a key file. Type in the password you want to use, you'll see a scale below the input which indicates how secure your password is (the higher the better). Be sure to remember this password, if you forget it there is NO backdoor to get your entries from the database. If you want to use a key file along with the password for improved security, check the box to use both and select a location to save it (be sure to see the note about key files after the setup steps). When you click ok it asks you to retype the master password to ensure you got it right. If you elected to use a key file follow the sub-step below if not you can skip to step 4.

Optionally, if you are using a key file KeePass now needs some random input to generate a key for that file, and you can do that using random mouse input or random keyboard input or both (using both is your best option). So click the "Use Mouse as Random Source" button and start waiving the cursor around in the static filled box until the bar below the button is full. Next go over and start filling in the text box with random keyboard input; letters, numbers, special characters, the more the better also be sure to use a mix of upper and lower case letters. Don't worry your not going to need to remember this later... When your done click ok.

Fourth, After setting up all the security related to your database, KeePass suggests some password groups for you (note to KeePassX users: I don't think this is the case and you will need to set them up yourself, the default groups are a main General folder with subgroups of Windows, Network, Internet, eMail , and Homebanking ). We'll go into how to make changes to password groups later, for now lets create our first password entry.

So now the meat of what we'll be doing, creating entries in the database. Click the "Add Entry" button on the toolbar , under the edit menu, or press CTRL +Y to get the add entry window. Select the group and icon to use for this entry if the defaults don't suit your needs. Fill in a title for the entry, your username , and Password along with a URL, Note, or expiration date (technically you don't need any of that data but what good is a blank entry). You can also import from a number of other formats under the "File - Import From" menu to save some data entry.

This works like a standard explorer type window, you can drag entries around to move them between groups, you can drag groups around to make them subgroups, and right click on a group to rearrange it. You can create, modify or delete groups or subgroups by right clicking in the group pane or under the edit menu.

Now that we have everything setup the way we like lets briefly go over how to use KeePass, some useful options and some tips. The most basic way to use KeePass is copy the password to the clipboard, by default KeePass will clear the clipboard after 10 seconds for added security. There is also an auto-type feature but it should be noted that this could expose your username and password to keyloggers, also make sure the cursor is in the username field. The default for the auto-type feature is to type you username, press tab, type your password, and press enter if the site you are on expects something different you'll have to set up a custom auto-type. Both of these can be accessed using the edit menu with the entry you want to use selected.

The options window under the tools menu has a number of features that are useful when turned on. Under the security tab the Lock workspace on minimize and on locking Windows or switching Users requires the master password to be re-entered when one of those actions occurs. Turn one or both of these on if the computer you use could be accessed by other people. In the Interface tab check minimize to tray to save space on your taskbar. Under the Setup tab you can create a file association with kdb files so KeePass will open any kdb files you double click on. Look under the options on the Advanced tab and check/uncheck an features you want to enable/disable.

The last tip I can offer for now is to let you know that you can store any data in KeePass that you might not want to write down because of security. Any ID numbers that can easily be forgotten; like social security numbers, drivers license numbers, passport numbers can be kept in KeePass and since the database is encrypted you don't need to worry about these being stored on your computer. You can even keep credit card numbers securely for when you are shopping online and don't want to have to go get your purse or wallet to get your credit card information. For any additional help you can visit the KeePass homepage at http://keepass.info/

Note about key files: Key files are meant to be a separate part of the overall key and therefore only really make sense when kept separate from the database like on a floppy, USB drive, or CD. However, if you use a key file, you must have this file in order to open the database. So if you have the file on a separate media and loose it with no backup copy your entires are lost because you will not be able to get into the database. For further explanation see http://keepass.info/help/base/keys.html