![]() ![]() ![]() KeePass is a very good password manager that's great on options, but not so hot on online integration.Īuto-type window definitions in custom window-sequence pairs are now Spr-compiled (i.e. It's not bad by any means, but it's just not as smooth an experience as other similar apps like Sticky Password Free or BlackBox Password Manager. Unfortunately, it's here on the internet integration that Keepass loses a few points. You can then copy the password information you need to the clipboard, where it will be erased automatically after a few seconds. In order to actually use your passwords, you'll need to have the app open. Right-click on an entry to modify it, and use the icons along the top of the window to perform the most basic KeePass tasks. Navigating the KeePass interface is very intuitive. Setting these up is easy, as KeePass walks you through each step with a clear and detailed wizard-like approach. How you organize these is up to you - you could have a work and a personal database, for example, filled with groups like banking, internet and social networks. Once you've set up a master KeePass password, you'll want to go about setting up password databases and groups - categories of password-protected information. To this end, KeePass will assess the master password's strength, as well as offering extra protection like a key file option and the ability to enable a Windows user account backup, in case a user account is lost. As this is the main step and the first line of KeePass' defences, it's essential that it's a good one. First off, the app will ask you to define a master password. At least then it is your device, not someone else’s, so you have an idea of which crappy software is installed, which updates are missing etc.This app doesn't require installation, and presents a simple, easy-to-navigate interface. When on the go, better sync your keepass file to your smartphone and use e.g. ![]() This is similar with keepass, but again, keeweb is for the use case where this is not your system! Moreover, keepass for windows offers a “secure desktop” where you enter your master password which cannot be accessed by (off-the-shelf) keyloggers, keeweb doesn’t). – the system you use (for example keyloggers can sniff your master password. – the browser you use (especially, keeweb is made for the use case when you are not at your own pc, so this is the browser of someone else, with a bunch of extensions installed and probably outdated). you need to trust the CA-system… or use cert-pinning) – the network connection between your system and the server (man-in-the-middle might replace keeweb with an infected version), or properly setup SSL (i.e. If keeweb is on dropbox, then you need to trust them. – the server that keeweb is stored on (an attacker might replace keeweb with some infected version on the server). If you use keeweb, you additionally need to trust: You need to trust your end devices anyway, as they are the place were you decrypt you keepass database. This means you only need to trust your end devices, not the server. You can secure your keepass file with a key-file that you don’t put into the cloud, making it really really hard for someone to brute-force if he gets access to your cloud storage. The good thing about keepass is that you can sync your passwords across devices through some cloud service like dropbox or owncloud without the need to trust the cloud service. Now You: Would you use a service like KeeWeb? The author promises that the app contains no statistics or analytics scripts or advertisement. Since it is open source, you can audit the code to make sure of that. The remote version of KeeWeb makes no external requests, uses only locally stored data and makes only one network connection to check for updates which users can disable in the app settings. KeeWeb is something that I will keep an eye on definitely to see if creating your own self-hosted version of the application improves or is made clearer on the project website so that anyone with a Dropbox account but no knowledge of scripting or programming languages or Dropbox application creation can set it up on their own. I have no need for that, and won't use a service hosted by a third-party to open my KeePass database either.Ī self-hosted web version of KeePass on the other hand, that is open source, and easy to set up, should have appeal to users of the application. The desktop applications are cross-platform which may have some appeal to users of KeePass. ![]()
0 Comments
Leave a Reply. |