KeePass – Cloudless Password Management

Let’s say you have finally committed to creating new, unique, and long passwords for all your online, network, business, and machine user accounts.  How are you going to keep track of the dozens, if not hundreds of uniquely different passwords?  Using a system makes your passwords guessable, and writing them down in a spiral notebook is a hassle, and makes your password trove subject to theft.  The answer is using a password manager.

I have been advocating for password managers for a few years now. One of the main objections to using a password manager that I hear is that some people do not want to store their password trove in the cloud.  They are reluctant to trust this information to another company.  They are afraid of losing their passwords when the inevitable data breach occurs, as it will.  My personal choice, LastPass, was in fact breached in June 2015.  The stolen passwords were encrypted in such a way that the likelihood of decrypting them was remote, but still, LastPass users were advised at least to change their main LastPass password, and set up two-factor authentication.

In the last several days we have focused on other password manager solutions.  Today we are looking at KeePass.  KeePass is a free, open-source, non-commercial password manager.  It is the only password manager product that does not require cloud storage for your encrypted password database.  KeePass users can choose to store their passwords anywhere that is convenient, including a USB flash drive that makes KeePass easily portable between devices.  And yes, you can store this trove online with services such as Google Docs, Dropbox, or OneDrive, too.

Like many open-source products, there is a huge community of KeePass developers that have created dozens of plug-ins so you can set up KeePass to work in any way you can imagine.  Of course, if you want to go that route, you will find that you have to be willing to be a bit of a do-it-yourself-er.  You need to have a reasonable level of technical savvy.  But there are forums, tutorials, and documentation to assist you.

For more detailed information, please use the following link

More information:


About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.