Monday, November 14, 2011

Passwords

I remember, when I first started this blog, I said to myself that I wanted to make at least one post a week. When that started slipping, I promised myself to stick to at least once per month. I was shocked the other day when I noticed that I hadn't posted anything since July! I've been slacking off!

Well, not really. I just hit one of those stretches where things have just been flat out swamped. In that time, though, I have been experimenting with some pretty cool stuff.One neat combination of tools that I have found particularly useful is KeePass (KeePassX for Linux users) and Dropbox.

KeePass, if you are unfamiliar, is a password management solution. It stores usernames and passwords for you, so you don't have to remember them all. The password database is itself password protected, so that you only have to remember a single password instead of 37 million different passwords.

If you have used KeePass before, it is very possible that you are familiar with one of the biggest headaches of it. When you go to log in to something that requires a password, you have to go and open up KeePass, find the correct entry, right click, copy username, back to your form, paste username, repeat for password, go bang head against wall in boredom - you know, the usual.

One of the best features of KeePass, though, is also one that I find very few people actually are aware of - the global auto-type functionality. This makes it so that, as long as KeePass is running, you just have to hit the special key combo, and KeePass will automatically type in the correct username and password into the fields for you. It does this by matching the title of the window currently open with the title field inside of KeePass. If multiple entries match, it will give you a popup window allowing you to choose the correct one.

With this extra functionality in hand (it is amazing what reading through the manual of your tools will lead to!), KeePass transformed for me from a semi-useful tool that I could sometimes use, to an indispensable service that I use all the time. I turned off the password remembering features of all my browsers, and stored everything in KeePass instead. Access to any site is now only three key presses away, and I never have to worry about remembering the right passwords for things. Also, if my computer were to be stolen, the thief wouldn't have immediate access to everything. So long as I use a sufficiently difficult password, all of the rest of my identity is safe.

Aha, I can hear the naysayers among you even now. What if you are on a different computer? How do you keep this password database in sync? Well, my friend, that is where Dropbox comes in to play.

Dropbox is an application that can keep files synchronized across multiple systems. You can get a free account that will give you up to 2G of storage. So I just put my database in my Dropbox folder, and I install Dropbox on both my work and home computers, and now I have access to my database in both places. You can even, if you choose, put the database file in the Public Dropbox directory that they give you, which automatically gives the file a public URL that you can access from any device with an internet connection. This literally gives you access to your database from anywhere.

The final nail in the coffin for me was when I found out that all this was available on my iPhone as well. I use the Dropbox app and the MiniKeePass app, and I get the same access to my passwords from my phone as I do from a computer.

Anyway, I understand that this post feels more like a sales post than an informative post, but I thought it was a good way to get my feet wet again. It also helps just a little to spread the word about an app combo that has become indispensable to me in my everyday life.

2 comments:

  1. When I looked at this problem two years ago, the solution I came up with was KeePass 2.0. It had an autosync system we set up over HTTPS to an internal webserver.

    Donno that I'd trust DropBox given their history and business model.

    ReplyDelete
  2. I'm not too concerned about trusting Dropbox, given that they can't do anything to my password safe without my password. With a sufficiently strong password, you should be fine.

    Given that I only have to enter the password once per day, I feel comfortable using a very long passphrase to protect it, which should keep the file sufficiently safe.

    The autosync feature sounds cool, though. I have never messed with it.

    ReplyDelete