KeePass – Cloudless Password Management

Let’s say you have finally committed to creating new, unique, and long passwords for all your online, network, business, and machine user accounts.  How are you going to keep track of the dozens, if not hundreds of uniquely different passwords?  Using a system makes your passwords guessable, and writing them down in a spiral notebook is a hassle, and makes your password trove subject to theft.  The answer is using a password manager.

I have been advocating for password managers for a few years now. One of the main objections to using a password manager that I hear is that some people do not want to store their password trove in the cloud.  They are reluctant to trust this information to another company.  They are afraid of losing their passwords when the inevitable data breach occurs, as it will.  My personal choice, LastPass, was in fact breached in June 2015.  The stolen passwords were encrypted in such a way that the likelihood of decrypting them was remote, but still, LastPass users were advised at least to change their main LastPass password, and set up two-factor authentication.

In the last several days we have focused on other password manager solutions.  Today we are looking at KeePass.  KeePass is a free, open-source, non-commercial password manager.  It is the only password manager product that does not require cloud storage for your encrypted password database.  KeePass users can choose to store their passwords anywhere that is convenient, including a USB flash drive that makes KeePass easily portable between devices.  And yes, you can store this trove online with services such as Google Docs, Dropbox, or OneDrive, too.

Like many open-source products, there is a huge community of KeePass developers that have created dozens of plug-ins so you can set up KeePass to work in any way you can imagine.  Of course, if you want to go that route, you will find that you have to be willing to be a bit of a do-it-yourself-er.  You need to have a reasonable level of technical savvy.  But there are forums, tutorials, and documentation to assist you.

For more detailed information, please use the following link

More information:

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.