KeePass – Cloudless Password Management

Let’s say you have finally committed to creating new, unique, and long passwords for all your online, network, business, and machine user accounts.  How are you going to keep track of the dozens, if not hundreds of uniquely different passwords?  Using a system makes your passwords guessable, and writing them down in a spiral notebook is a hassle, and makes your password trove subject to theft.  The answer is using a password manager.

I have been advocating for password managers for a few years now. One of the main objections to using a password manager that I hear is that some people do not want to store their password trove in the cloud.  They are reluctant to trust this information to another company.  They are afraid of losing their passwords when the inevitable data breach occurs, as it will.  My personal choice, LastPass, was in fact breached in June 2015.  The stolen passwords were encrypted in such a way that the likelihood of decrypting them was remote, but still, LastPass users were advised at least to change their main LastPass password, and set up two-factor authentication.

In the last several days we have focused on other password manager solutions.  Today we are looking at KeePass.  KeePass is a free, open-source, non-commercial password manager.  It is the only password manager product that does not require cloud storage for your encrypted password database.  KeePass users can choose to store their passwords anywhere that is convenient, including a USB flash drive that makes KeePass easily portable between devices.  And yes, you can store this trove online with services such as Google Docs, Dropbox, or OneDrive, too.

Like many open-source products, there is a huge community of KeePass developers that have created dozens of plug-ins so you can set up KeePass to work in any way you can imagine.  Of course, if you want to go that route, you will find that you have to be willing to be a bit of a do-it-yourself-er.  You need to have a reasonable level of technical savvy.  But there are forums, tutorials, and documentation to assist you.

For more detailed information, please use the following link

More information:


About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment