Monday, August 13, 2012

How KeePassX revolutionized how I use passwords

I've been using the same three passwords since I was 15 and connected to my first BBS.  I had never needed a password before this.  I looked around my desk for something easy to remember and decided to use the model number of my monitor for the password.  This password was all of five characters.  It was perfect, always there at the bottom of my monitor so I would never forget.  I am forgetful, you see.

Sometime later I needed a longer password, probably for a more secure BBS, and found the perfect complex seven-character password on the front of my Sony boombox that I had connected to my PC.  From then on I've always used different combinations of these passwords on everything except the most sensitive sites like my bank.  For my bank I had reserved a third complex password that I would not easily forget.

Obviously you can see the problem with this.  Like probably the majority of people, I was using the same passwords for every site on the internet.  I never worried about it much until the Sony breach last year.  Suddenly they knew my password, and had my email address that I used to sign up for every other site on the internet.  Even Sony had lazy developers who had never heard of storing passwords as individually salted hashes (I'll write an article on how to do this properly one of these days).

It was time for me to start using a different password on every site.  Enter KeePassX.

I use a lot of different computers and every major OS.  I have a Windows desktop at home, a Windows desktop at work, a Linux laptop, and a MacBook, so I need an app that works on all of them and a way to sync the databases.  I also have an iPhone and an iPad.  I placed my KeePassX database on Dropbox so it's accessible from all of my computers and my mobile devices.

On the iOS devices I used an app called KyPass.  It works great, and the main reason I chose KyPass is that it supports Dropbox integration.  It's kind of pricey at $5; if you know of a good alternative with Dropbox support, please leave a comment.

Using KeePassX is pretty straightforward: create categories and add accounts.  It generates passwords for you.  The database is encrypted, so if someone hacks your Dropbox account, they still don't have access to your passwords.

If you are already familiar with KeePass you are probably wondering why I chose KeePassX instead.  KeePassX and KeePass are mostly the same thing and have compatible databases.  KeePass needs Mono to work on Linux whereas KeePassX has a native client. 

I now have a different password on every site I use.  If one of these accounts gets hacked, the others are still safe.
