Open Source password manager (KeePassX)
Let me start this entry by quoting Bruce Schneier, an internationally acclaimed cryptographer and security researcher:
As a cryptography and computer security expert, I have never understood the current fuss about the open source software movement. In the cryptography world, we consider open source necessary for good security; we have for decades. Public security is always more secure than proprietary security. It’s true for cryptographic algorithms, security protocols, and security source code. For us, open source isn’t just a business model; it’s smart engineering practice.
KeePassx is a free/open-source password manager or safe which helps to manage passwords in a secure way. You can put all your passwords in one encrypted database, which is locked with one master key or a key-disk. So you only have to remember one single master password or insert the key-disk to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).
It has the following major advantages over other similar applications of this type like Roboform:
- Since it is cross-platform, it will work whether you use Windows, Linux or Mac.
- It is portable, no installation is needed as it also comes in a pre-compiled bundle. The database can be placed on a USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind. Just plug in and presto you have a full working application.
It is available as a source code package (if you feel like compiling one), or get the .rpm package for Red Hat and its derivatives, and .deb for Debian and derivatives. In fact, if you’re using Ubuntu, it can be installed from the “universe” repository with:
sudo apt-get install keepassx
For windows version, get it here.
- The first thing to do after installing KeePassx is to create a new database, where you’ll put all your passwords and lock them up with one Master Password or using a key file that can be stored in an external portable memory. Combining the two methods gives better security, just in case you misplace your key file you can still unlock your database with the master password.
- After the DB has been created, you need to create a “Groups” and within this groups you add the real entry, (user name, password, url..etc).
Usage: right-click on an entry, select “Perform AutoType” (shortcut is Ctrl+V). Go to website login page and select the user name box. It will automagically fill-in the details as if you entered them.
One feature that I’d like to see implemented is a browser plugin so that it won’t be necessary opening the application prior to using it.
KeePassx is released under the GPL license.