How to survive password hell

Monday, September 15, 2008

Keeping track of your passwords can be a real pain: passwords for your email, your account at work, or that website where you want to leave a comment. Unless you can use one password for all of these different accounts, you have to keep a list of passwords. Some people store them in their heads, resulting in the obvious password restore requests after a long holiday; others store them on paper.

I use KeePass for storing my passwords on my PC and KeePassX on my Mac (the X indicates it also works on Linux).

Both applications are free and store their data in heavily encrypted local databases. For several years I synced the databases between my PC at work and my PC at home with a USB stick. The solution was workable but not flawless. Busy, busy, busy, forgetting to update the USB stick, and then the trouble starts.

That lasted until a few months ago, when I signed up for a Dropbox account. Dropbox is an online storage service that syncs your data and even lets you share your data with others if you choose to. The Dropbox client is available for Windows, Mac and Linux.

My passwords are no longer saved on a USB stick but are now stored in the synchronized Dropbox folder. So on any of my workstations I just open KeePass(X) and my password database is opened automatically. After adding or changing a password entry, the database is updated and synchronized with the version in the cloud. If any of the other workstations are running, the database file is synced to them as well.

Syncing the KeePass database

KeePass(X) has an option to remember and open the last file used. You might want to check the option “Limit to single instance”. This option makes sure you cannot change the database at two locations at the same time. It creates a lock file so the other instance (local or on another workstation) knows it is in use.

The combination of KeePass(X) and the online store and sync of Dropbox works great for me. If you do not need to sync between different platforms, there are other alternatives for the store and sync part:

This solution works great for me. I stopped carrying my USB stick around and I know my passwords are available from any of my workstations. An extra backup of the files? Why? They are stored in the “cloud”, on my workstation at home and on my workstation at work. The risk is spread across multiple machines and it’s even available online. I love it.

After using Dropbox for a while, I’m even considering using it as my default “documents folder”.

Update: Version 1.16 of KeePass has an option that is specific to Windows Vista and higher. Be sure to uncheck the CNG/BCrypt option.