Anyone using Keepass and is it safe?

Discussion in 'Computer Support' started by hmmm, Jun 1, 2007.

  1. hmmm

    hmmm Guest

    I keep reading reviews about this Sourceforge Project and was thinking of
    buying a cheap USB stick for it. Between the forums and other various
    sites, these passwords add up. Someone once told me that he uses only one
    password for everything he's not concerned about (forums, etc), and another
    one for his private info. Personally, I find that to be the easy, non-
    secure route.

    Keepass is here - any comments?

    Anyone have long-term experience with it?
    hmmm, Jun 1, 2007
    1. Advertisements

  2. hmmm

    RedForeman Guest

    it just adds ONE more password to your list.. you need a password to
    open the password manager... ironic or assinine, I'm not sure...

    the concept of using one generic and one secure password is what i've
    done for years.... I've went to passphrases instead of passwords....

    These are possibly weak if someone knows enough about you....
    "I like chocolate the best"
    "My dog is yellow and white"
    "My wife has big boobs"
    "My name is Bart"

    "My password is too long for me to remember, but a sentence is easier"
    - was a password for a bank account I had....

    "We're off to see the wizard, the wonderful wizard of oz" - is one I
    saw once while shoulder surfing....
    RedForeman, Jun 1, 2007
    1. Advertisements

  3. hmmm

    Susan Bugher Guest

    Seems likely. ;) (This is the second year KeePass has been on the
    Pricelessware list.)

    Posted to alt.comp.freeware
    Search alt.comp.freeware (or read it online):
    Pricelessware & ACF:
    Pricelessware: (not maintained)
    Susan Bugher, Jun 1, 2007
  4. hmmm

    Guest Guest

    Who cares how many passwords are on your 'list'?

    I have about 100 passwords in Keepass and most of them I have never even
    seen let alone tried to remember.

    There is a limited but functional version of KeePass for Windows PDAs which
    gives me access away from computers.

    For the OP my long-term experience with KeePass is - no problem. Read the
    Betanews reviews for
    more opinion.

    Guest, Jun 1, 2007
  5. hmmm

    hmmm Guest

    hmmm, Jun 1, 2007
  6. hmmm

    Susan Bugher Guest

    It's been on the PL list almost *forever* (PL2007 PL2005 PL2004 PL2003
    PL2002 PL2001). :)

    FYI. . .
    The index of PL2007 programs is here:
    The Cumulative Pricelessware List is here:

    Posted to alt.comp.freeware
    Search alt.comp.freeware (or read it online):
    Pricelessware & ACF:
    Pricelessware: (not maintained)
    Susan Bugher, Jun 1, 2007
  7. hmmm

    bealoid Guest

    wrote in

    I really like keepass. The other one I've used is "password safe", also on
    sourceforge. From what I've heard people have less trouble with keepass
    than with password safe. I'm not sure if the latest version fixes those
    bugs. Always keep a good backup of your databases!

    I agree that strong passwords should be used for everything, and that these
    are hard to remember. So having just one, very strong, password for my
    password safe software is a good thing for me.
    bealoid, Jun 1, 2007
  8. hmmm

    Kamikazee Guest

    I use it only for 2 months but it is great tool.
    For better security use key file.
    Kamikazee, Jun 1, 2007
  9. hmmm

    Dustin Cook Guest

    wrote in

    I've been a fan of passkeeper myself:

    PassKeeper v1.2

    Dustin Cook
    Author of BugHunter - MalWare Removal Tool - v2.2c
    Dustin Cook, Jun 2, 2007
  10. hmmm

    Vanguard Guest

    If you actually use strong passwords, the type that look scrambled and
    contain no word strings, then these type of utilities are handy. Who
    wants to remember dr4.utWW_xR9.4.5yyQ$v9d0Tx? However, I use a scheme
    that lets me use a unique password at every site without having to save
    it in some utility. By using a scheme then you can always figure out
    what you would've used at that site.

    As an example, use a couple of nonadjacent digits from your birthyear,
    the first or last 2 initials of you 3-character initials of your first,
    last, and middle name, and the first or last 3 to 5 characters of the
    domain (if the domain is shorter than what you decide for the standard
    length then include the TLD part of the domain, too, like you use 4
    character but at you would use buyc or ycom). Then decide on
    the order of these substrings which is always the same, like
    <LINITS2><fdomain4><midbyear2> (which you can record as your hint to
    remind you although if you use the same scheme then you don't need to
    have hints). In this case, the scheme is the last 2 initials of your
    3-initial name (and both are capitalized as indicated in the hint),
    first 4 characters of the domain name, and the middle 2 digits of your
    4-digit birthyear. Every site would have a different and unique
    password. I usually don't include special characters (-,_,$,.,etc.)
    because too many sites don't let you use them. Although longer
    passwords are better, many sites don't accept more than 8 characters but
    many want 6, 7, or more so 8 usually works most places. If one site
    wants longer passwords then use one where the hint is
    <LINITS3><fdomain5><byear4rev> (where the last is the reverse order of
    the digits in your 4-year birthyear). Just come up with a scheme that
    you can remember but generates garbage looking passwords. Eventually
    you will be without your USB stick with the keepass on it, the stick
    goes bad, the computer you want to use doesn't have USB ports or they
    have been deliberately disabled, the drive crashes and takes the
    database file with it that you haven't backed up yet, and so on. A
    scheme in your head that is fixed but provides variable results goes
    everywhere you do. Generating strong passwords doesn't mean that you
    can't use a common scheme to produce them all.

    One reason I started doing this was, well, I didn't bother checking
    around for such software. When I tried it then I realized that the
    software, USB stick, or whatnot might not be with me at the time. I
    also used to use Password Safe (also at and thought the
    horror stories about the database getting corrupted (by Password Safe
    itself) or file system corruption or drive defects and no backups was
    just peculiar to some users - until I lost my database TWICE. I'm not
    going to waste time looking for backups to restore an old copy of the
    database which might not have my most recent stored password when I
    immediately need to login into an account to transfer funds NOW or do
    something immediate. You might have a thumb drive on your keychain and
    tote around a cellphone but that doesn't preclude them from getting lost
    or breaking. In fact, losing files on thumb drives isn't really an
    unusual problem.
    Vanguard, Jun 2, 2007
  11. hmmm

    Pennywise Guest

    That's where my head exploded :)

    I use Acerose by the way...
    Pennywise, Jun 2, 2007
  12. hmmm

    me Guest

    Ditto. A gem, indeed.

    me, Jun 2, 2007
  13. hmmm

    hmmm Guest

    wrote in BLACK:
    It might be a good idea for this group that when anyone refers to a program
    they like. to provide the author's site.

    I did a Google search and found many references but not what I think is the
    author's site:

    Those who don't Siteadvisor might end up downloading it from some rather
    prurient sites.

    The question then is which is a safer, better written program - Passkeeper,
    Keepass or Passwordsafe?

    I couldn't help but notice that Passkeeper still have the zip version for
    Windows 3.1 uploaded to the site!
    hmmm, Jun 2, 2007
  14. hmmm

    hmmmm Guest

    Are you sure that a C&P from a password program isn't alot easier, since
    you can buy several USB sticks today for about $10-$20?
    hmmmm, Jun 2, 2007
  15. hmmm

    Vanguard Guest

    hmmmm wrote in message

    Unlike the geek that likes carrying around a keychain with a thousand
    keys, I prefer slim and mean. So do you folks also have problems
    remembering your own telephone number, too? Ah the wonders of
    technology to hide a users stupidity.
    Vanguard, Jun 2, 2007
  16. hmmm

    Guest Guest

    While I am no fan of bloat and useless features how anyone can be a fan of
    or describe as a gem something so incredibly basic it has nothing which
    could be described as a feature.

    PassKeeper is as much a password management system as Windows notepad is a
    desktop publishing system.

    Guest, Jun 2, 2007
  17. hmmm

    Dustin Cook Guest

    It does what it's designed to do with great ease. Stores a list of
    passwords and logins for sites, etc.
    What do you want in a password management system?

    Dustin Cook
    Author of BugHunter - MalWare Removal Tool - v2.2c
    Dustin Cook, Jun 3, 2007
  18. hmmm

    Guest Guest

    About 2/3rds of the list here

    The big ones for me are categorising and arranging in groups, URL support,
    intelligent clipboard use and auto typing, protection of clear text in
    memory and windows controls, open-source so its security is open to

    Guest, Jun 3, 2007
  19. hmmm

    Bear Bottoms Guest

    Comodo Ivault is very good. It is not Vista ready yet:

    Until Ivault becomes Vista ready, I am listing AccessManager on my
    website: as my pick for
    the current best mainly because it runs on 98/ME/2000/XP/2003/Vista. It
    requires NET framework but that is not a drawback for me.

    KeePass is great, but it is not Vista ready. I do not have access but
    rarely to a Vista machine, so I can't easily check if it will run on Vista
    even though.

    Open Source is fine, but I find many very slow to become Vista ready. Like
    it or not, Vista will become the dominant OS in the near future. IMO,
    products that are quickly certifying Vista ready usually are the leaders.
    Some of our old favorites will quickly fall behind if they do not quickly
    upgrade to perform on Vista.
    Bear Bottoms, Jun 3, 2007
  20. hmmm

    me Guest

    wrote in

    Noted. Sorry 'bout that. It's at

    The win3.1 is 16-bit version. It still works, so, why not to
    have it there? IOW, it's none of our b'ss. ;)

    me, Jun 3, 2007
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.