Saturday, August 21, 2010

KeePass

So, I've finally had some time to take a look at a few of the tools I learned about in the past few weeks of school, and one that even the home user can benefit from is call KeePass. Basically it is an application that can store all of your passwords (securely) for all of your applications, websites, etc...

A couple of features that I found handy were the ability to create a random password, and the ability to copy the password to your clipboard. Keepass has a feature that will create a pseudo-random password, which you can save for any of your applications so you don't have to remember it. It also has the ability to copy that password to your clipboard so you can just paste it into the login field of your particular application. There's a catch though. It only keeps the password stored in your clipboard for a few seconds, then wipes it. This is a good thing, as I'm sure I'm not the only one guilty of requesting a password reset from a web site, getting the email, and copying and pasting the new password into my login field. The problem with this? Well, the clipboard is just a small memory space that stores things until they get overwritten. So if the last thing you've copied to your clipboard is your banking password and I have access to your computer (by any means), I can grab it either from memory or, if I have phyical access, just hit ctrl-v.

...and if you're paranoid like me, you can run KeePass from an encrypted thumb drive using TrueCrypt, so your passwords will never be on your computer; and if you lose your thumb drive, well, you've lost your passwords, but a bad guy won't be able to recover the encrypted data -- at least not in our lifetime.

Check out KeePass here:
KeePass