Password management

Updated: 26/10/2016 11:00

Keeping your passwords safe and different on each website or service is increasingly important. We can point you to 2 solutions:

  1. Free solution with KeePass (see below how to set that up on different devices, we use this ourselves).
  2. A Cloud managed solution (not free) with LastPass, see https://lastpass.com/ (used by some of our customers).


Password management with KeePass

Keeping track of so many passwords is very hard, and having the same password for many different services or websites is very dangerous. We use a free open-source software product: KeePass 2. You can find the installation programs on KeePass.info. There are also many plugins and mobile apps we use. The following is an overview of how to make your life easier with this password management system.

Concepts

In order to safely store all your passwords in one database file and to be able to use it on different platforms (e.g. PC, notebook, mobile phone, tablet) the database must be:

  1. Centrally accessible on all devices; we use Dropbox to replicate the password database between various devices automatically
  2. Encrypted and secured; the KeePass 2 program will encrypt the database, which can be unlocked with a password
  3. Safe program: KeePass 2 is officially open source, which means everyone can verify the internals of the program and determine it is safe
  4. Web browsers and other programs must be able to access your passwords; done via plugins

Installation on Windows PC

Prerequisites: Dropbox is installed on your PC (see www.dropbox.com) and an appropriate folder for storing the database is created (we use /Private).

We use KeePass 2 mainly on PCs and occasionally on tablets and Android Mobiles. The first step is to install KeePass 2 on the PC.

Download the latest KeePass 2 Professional installer (at time of writing: 2.28) from the official KeePass website, KeePass.info, and one plugin we used: KeePassHttp (under Integration & Transfer). The download and plugins pages are in the left menu.

Install the KeePass 2.x program; just follow the steps. Create a plugins sub-folder in the KeePass program folder: C:\Program Files (x86)\KeePass Password Safe 2\plugins. Copy the plugin KeePassHttp.plgx into this folder. This plugin is the bridge between the web browsers we use (Chrome and Firefox) and the database. Next we will have to load a plugin into each of these web browsers.

Load Chrome plugin

Open the Chrome browser and ...

  1. Click the customize button (3 horizontal lines)
  2. Select Settings.
  3. On the left select Extensions.
  4. Click "Get more extensions".
  5. Type "chromeIPass" in the Search the store box and press Enter.
  6. Under Extensions, click "chromeIPass" + FREE button to install the extension.
  7. The first time you connect Chrome to the KeePass program you have to authorize it (name it something like Chrome-PCname).

Load Firefox plugin

Open the Firefox browser and ...

  1. Click the Open Menu button (3 horizontal lines)
  2. Select Add-Ons.
  3. In top right search box, type PassIFox and press Enter.
  4. Click Install.
  5. The first time you connect Firefox to the KeePass program you have to authorize it (name it something like Firefox-PCname).

Configuration on Windows PC

Once installed you can open the KeePass 2 program and create a new KeePass database (File | New...). Navigate to your local Dropbox folder /Private and create a database file with your name. As an example I used MyName.kdbx. The first step is to create the Master Key, which will be used to open the database:

There are a number of options, but to keep it simple and usable on all devices only select the Master password. Think of an easy to remember yet difficult to guess password with capital letter(s), lower case letters, numbers and special characters (e.g. ! ? < > @ # $ % &). It is very important to be able to remember this password since you will be typing it every day from now on. Losing this password is also very bad, because you will lose access to all the stored passwords in this database. One trick is to make an easy to remember sentence and pick the first letter of each word, for example: We love the beach in Australia and go there every day. The password would then be: WltbiAagted. The window above will show the password strength in the estimated quality bar; the greener it gets, the better it is. However, don't go overboard; you still need to be able to remember it!

Click OK to go to step 2:

Just fill in your name in the Database name field and leave all other settings as is. Click OK and you are ready to start storing passwords.

The database allows us to organize the passwords into logical folders, which is all up to you, but the default database looks like this:

You can create folders in folders. This folder structure is shown on the left, starting with MyName.

The right-hand pane will contain password entries, which I will describe below.

Note: Although the database is stored in Dropbox and can be changed on all devices you share your Dropbox with, it would be best to change the database on one device only, to prevent loss of changes and database corruption.

Password entries

These password entries keep not only the username and password combinations, but also the website (URL) they are used on. That makes it possible for the browser integrations to automatically select the right entry and fill it in for you; Firefox needs a right-click and Fill User & Pass, but Chrome does it fully automatically.

First navigate to the sub-folder in which you would like to store the password. Then click on the Add Entry... button.
There are many elements you can fill in; the most important ones are under the Entry tab:

  • Title: a descriptive name for the entry, like "Google account" or "My bank login".
  • Icon: select an icon so you can visually recognise the type of service
  • Username: the username you need for logging in to the website, e.g. an email address or my bank account number.
  • Password: you can type the current password (twice) and the Quality bar shows how good / difficult the password is. The 3 big dots button will show or hide the password. The Generate password button can be used to generate a random password. And that is the core idea behind this password database: generate random passwords for EVERY website, and of course also change the password on the website to match the generated one.
  • URL: specification of the website address used for automatic matching and filling in by browsers. The more you specify, the stricter the selection. Examples:
    • google.com (will match all Google websites with the same user/password)
    • https://hosting.vanree.com/owa/auth/logon.aspx (will only match secure HTTPS on server hosting.vanree.com for the page /owa/auth/logon.aspx)
    • note: you can have multiple entries pointing to the same URL; when you select the website a popup window will appear where you can select the wanted entry.
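
The URL matching rule described above, modelled as an added example; this is not code from KeePassHttp, chromeIPass or PassIFox, and their real matching may differ. The function names and sample entries are constructed for illustration. It also shows why the host comparison belongs on a dot boundary, so that a look-alike host is not offered a stored password.

```javascript
// Added example: models the rule described above; not KeePassHttp's own code.
function parseEntry(entryUrl) {
  // A bare host such as "google.com" carries no scheme and no path.
  const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(entryUrl);
  const u = new URL(hasScheme ? entryUrl : "https://" + entryUrl);
  return {
    scheme: hasScheme ? u.protocol : null,        // null = any scheme
    host: u.hostname,                             // lower-cased by the URL parser
    path: u.pathname !== "/" ? u.pathname : null  // null = any page
  };
}

function hostMatches(entryHost, pageHost) {
  // Exact host, or a subdomain on a dot boundary: "google.com" covers
  // "mail.google.com" but not "notgoogle.com" or "google.com.example".
  return pageHost === entryHost || pageHost.endsWith("." + entryHost);
}

function entryMatches(entryUrl, pageUrl) {
  const entry = parseEntry(entryUrl);
  const page = new URL(pageUrl);
  if (!hostMatches(entry.host, page.hostname)) return false;
  if (entry.scheme && entry.scheme !== page.protocol) return false;
  if (entry.path && entry.path !== page.pathname) return false;
  return true;
}

// Constructed sample entries, using the two URL styles from the list above.
const entries = [
  { title: "Google account", url: "google.com" },
  { title: "Webmail", url: "https://hosting.vanree.com/owa/auth/logon.aspx" },
  { title: "Webmail (second user)", url: "https://hosting.vanree.com/owa/auth/logon.aspx" }
];

// Titles of all entries that would be offered for the given page.
function candidates(pageUrl) {
  return entries.filter((e) => entryMatches(e.url, pageUrl)).map((e) => e.title);
}

console.log(candidates("https://mail.google.com/mail/"));
console.log(candidates("https://hosting.vanree.com/owa/auth/logon.aspx"));
console.log(candidates("http://hosting.vanree.com/owa/auth/logon.aspx"));
```
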

Installation on Android phone or tablet

First of all, make sure you have Dropbox installed on the Android device (via Play Store) and the /Private folder is accessible.

We use Keepass2Android to make available the database entries we created on the PC. Go to the Play Store, search for Keepass2Android Password Safe by Croco Apps and install that tool. Then also search for and install "Secure Settings" by intangibleObject.

In Settings | Language and input, select the Keepass2Android keyboard; that will be your integration between apps and the password database.

 
