Too many Passwords to remember? Of course you have, we all do! This is an easy tutorial of how to store and carry around an endless amount of strong Passwords and User Names securely, without memorizing them or writing them in your diary (yes, a lot of us still do that!). Internet user accounts for banking, social networking and shopping are always being targeted by hackers. Just recently, a Trojan called Zeus Zbot acquired online banking user account information and stole approximately £6M from UK and £2M from US.
Get the free KeePass Password Manager which will generate very strong Passwords, and will make login into your accounts easy. All you need to do is remember only One Password called the Master Password. In the sections that follow, you will learn how to create a master password, save your passwords, generate random passwords, create backups and use the passwords from KeePass when needed.
To run KeePass, perform these steps:
Step 1. Select: Start > Programs > KeePass Password Safe > KeePass or click the icon on your desktop to activate the KeePass main screen as follows:
Figure 1: The KeePass Password Safe main screen
Creating a new password database involves two steps:
You must come up with a single, unique and strong master password that you will use to lock and unlock your database of passwords. Then, you must save that password database.
To create a new password database, follow these steps:
Step 1. Select: File > New as follows:
Figure 2: The KeePass screen with File > New selected
This will activate the Create New Password Database screen as follows:
Figure 3: The KeePass Create New Password Database screen
Step 2. Type the master password you have invented into the Master Password field.
Figure 4: The KeePass Set Composite Master Key screen with the Master Password field completed
You will see an orange-green progress bar underneath the password entry. As you type in a password, the amount of green in the bar will increase if the complexity or strength of your password increases with the number of characters used.
Tip: You should aim to have at least half the bar filled with green when you’ve done typing in your password.
Step 3. Click: to activate the Repeat Master Password screen and confirm the password as follows:
Figure 5: The KeePass Repeat Master Password screen
Step 3. Type in the same password as before, then click:
Step 4. Click: to see if you are typing in your password correctly.
Warning: This is not advisable if you fear that someone may be looking over your shoulder.
Once you have successfully typed in the master password twice, the KeePass main screen is activated as follows:
Figure 6: The KeePass Password Safe screen in active mode
After you have created the password database, you need to save it. To save the password database, follow these steps:
Step 1. Select: File > Save As
Figure 7: The KeePass Password Safe screen
This will activate the Save As screen as follows:
Figure 8: The Save As screen
Step 2. Type in a name for your new password database file.
Step 3. Click: to save your database.
Tip: Remember the location and file name of your database! It will come in very handy when you are creating a backup of it.
Congratulations! You have successfully created and saved your secure password database. Now you can begin to fill it up with all your current and future passwords.
The Add Entry screen lets you add account information, passwords and other important details into your newly-created database. In the example that follows, you will be adding entries to store passwords and user names for different websites and email accounts.
Step 1. Select: Edit > Add Entry in the KeePass Password Safe screen to activate the Add Entry screen as follows:
Figure 9: The KeePass Password Safe screen with Edit > Add Entry selected
Figure 10: The KeePass Add Entry screen
Note: The Add Entry screen presents you with a number of fields to be completed. None of these fields are mandatory; information submitted here is largely for your own convenience. It may prove useful in situations where you are searching for a particular entry.
A brief explanation of these different text boxes is presented as follows:
Generating a random password on request will be described in the following section. You can, of course, replace the default password with one of your own. For instance, if you are creating an entry for an account that already exists you will want to enter the correct password here.
Figure 11: The KeePass Password Safe screen displaying the NetSecureDb?.kdb file screen
Note: Creating or modifying the password entries in KeePass does not change your actual passwords! Think of KeePass as a secure electronic address book for your passwords. It only stores what you write in it, nothing more.
If you select Internet from the Group drop-down list, your password entry might resemble the following:
Figure 12: The KeePass Add Entry screen – completed
Step 2. Click: to save this entry.
Your password entry now appears in the Internet group.
Figure 13: The KeePass Password Safe screen
Note: The bottom panel of this window displays information about the entry selected. This includes creation, editing and expiry time as well as notes you may have recorded in the entry. It does not reveal the password.
You may edit an existing entry in KeePass at any time. You can change your password (it is generally considered good security practice to change a password every three to six months), or modify other details stored in the password entry.
To edit an entry, perform the following steps:
Step 1. Select the correct Group in the left-hand side to activate the entries associated with it.
Step 2. Select the relevant entry, then right-click on that selected entry to activate the following window:
Figure 14: The KeePass Password Safe screen displaying the Edit menu
Step 3. Click: to save any necessary changes to this information, including the password.
To change an existing password (that you previously created yourself) for one generated and recommended by KeePass, please read the following section.
Long, random passwords are considered strong in the world of security. Their randomness is based on mathematical principles and cannot simply be ‘guessed’ by someone who is trying to break into one of your accounts. KeePass supplies a Password Generator, to help you with this process. As you have seen above, a random password is automatically generated when you add a new entry. This section will describe how to generate one yourself.
Note: The Password Generator can be activated from within the Add Entry and Edit/View Entry screens. Alternatively, select: Tools > Password Generator.
Step 1. Click: from within either the Add Entry or Edit/View Entry screen, to activate the Password Generator screen as follows:
Figure 15: The KeePass Password Generator screen
The Password Generator screen presents a variety of choices for generating a password. You can specify the length of the desired password, the pool of characters from which it will be created and much else. For our purposes, we can use the default options presented. This means that the generated password will be 20 characters long and made up of lower and upper case letters, as well as numbers.
Step 2. Click: to begin the process. When complete, KeePass will present the generated password to you.
Figure 16: The KeePass Generated Password section
Note: You can view the generated password by clicking: . However, this creates a security risk as we discussed above. In essence, you will never need to see the generated password. We will explain more about this in section 3.0 Using KeePass Passwords.
Step 3. Click: to accept the password and return to the Add Entry screen as follows:
Figure 17: The KeePass Add Entry screen
Step 4. Click: to save this entry.
Step 5. Select: File > Save to save your updated password database.
You can minimise or exit the KeePass program at any time. When you open or restore it again, you will be prompted to enter your Master Password.
KeePass minimises itself, appearing in your system tray (at the bottom right-hand corner of the screen) as this icon: .
Step 1. Double-click this icon to restore KeePass to its normal size.
Step 2. Select: File > Exit to close the KeePass program completely.
If you have any unsaved changes in the database, KeePass will prompt you to save them.
Step 3. Upon opening or restoring KeePass from the system tray, you will be prompted to enter your Master Password.
Figure 18: The KeePass Open Database – NetSecureDb.kdb screen
The KeePass database file on your computer is denoted by its .kdb file extension. You can copy this file to a USB memory stick. No one else will be able to open the database without the master password.
Step 1. Select: File > Save As from the main screen, and save a copy of the database to another location.
You can run the entire KeePass program from a USB memory stick. Please download a portable version of KeePass from http://portableapps.com/apps/utilities/keepass_portable and install it on your USB memory stick.
You can change the Master Password at any time. This can be done once you have opened the password database.
Step 1. Select: File > Change Master Key
Figure 19: The KeePass Change Master Key screen
You will be prompted to type the new Master Password twice.
Figure 20: The KeePass Change Master Key screen