KeePass – Cloudless Password Management

Let’s say you have finally committed to creating new, unique, and long passwords for all your online, network, business, and machine user accounts.  How are you going to keep track of the dozens, if not hundreds of uniquely different passwords?  Using a system makes your passwords guessable, and writing them down in a spiral notebook is a hassle, and makes your password trove subject to theft.  The answer is using a password manager.

I have been advocating for password managers for a few years now. One of the main objections to using a password manager that I hear is that some people do not want to store their password trove in the cloud.  They are reluctant to trust this information to another company.  They are afraid of losing their passwords when the inevitable data breach occurs, as it will.  My personal choice, LastPass, was in fact breached in June 2015.  The stolen passwords were encrypted in such a way that the likelihood of decrypting them was remote, but still, LastPass users were advised at least to change their main LastPass password, and set up two-factor authentication.

In the last several days we have focused on other password manager solutions.  Today we are looking at KeePass.  KeePass is a free, open-source, non-commercial password manager.  It is the only password manager product that does not require cloud storage for your encrypted password database.  KeePass users can choose to store their passwords anywhere that is convenient, including a USB flash drive that makes KeePass easily portable between devices.  And yes, you can store this trove online with services such as Google Docs, Dropbox, or OneDrive, too.

Like many open-source products, there is a huge community of KeePass developers that have created dozens of plug-ins so you can set up KeePass to work in any way you can imagine.  Of course, if you want to go that route, you will find that you have to be willing to be a bit of a do-it-yourself-er.  You need to have a reasonable level of technical savvy.  But there are forums, tutorials, and documentation to assist you.

For more detailed information, please use the following link

More information:

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.