Why I use… KeePass

What is it?

KeePass is a free open source password manager, that you can use to create and access an encrypted database for storing passwords and usernames.

Why is it relevant as a dyslexia coping strategy?

I locked myself out of a work account at a new job within half an hour of having set it up, and then had to wait two days for a reset key to be delivered by internal snail mail. Looking for a solution, I decided to follow Peter Smittenaar’s excellent advice on how to use KeePass.

One year later, my password database contains nearly 100 entries!

Any other reasons to use a password manager?

Evidence suggests the average Internet user has about seven passwords that they reuse across the web: if any one of these accounts is hacked then all the other accounts with the same password are compromised too. Both the Heartbleed bug and the targeted hacking of eBay affected users in this way.

A good password manager generates and stores a strong and unique password for every account.

A happy by-product of having such a database is that is much easier to manage tens or hundreds of accounts, avoiding the security risks associated with lost and forgotten accounts or using the same account to log into multiple services.

Imagine having your smart phone stolen and having to change all of your passwords: the first step probably involves remembering the existing passwords…

Any reasons to not use a password manager?

The key security risk of a password manager is that only a single password is required to gain access to all of your accounts, if the hacker also has your database.

Consequently, KeePass is a good choice of password manager. It is software that runs on your computer, rather than an Internet-based app, and always requires authentication.

How do I use it, and how do I backup?

On my Windows 7 laptop, I keep my database in a Dropbox folder along with the latest portable version of KeePass: 2.28 at the time of writing.

(You can see what KeePass looks like here. The article that prompted me to start using KeePass has some excellent advice on time-saving keyboard shortcuts.)

I also keep this folder backed up to a USB stick carried on my keyring, synced using SyncToy. This acts as a backup, and also allows me to access my accounts on any computer running Windows.

On Android, I use KeePass Droid to access the database in Dropbox. Note: this program has a bug whereby updates to the database file don’t sync automatically to KeePass Droid, the workaround to update the database is to open it directly from Dropbox.