The-Source.com

Keeping track of passwords sucks. We may be moving – ever so slowly – towards some sort of acceptable centralized identity authentication scheme, but in the here and now I bet you have to manage a lot of passwords.

I know I do, and I hate it. Every site has some slightly different set of rules for what constitutes an acceptable password (length, mix of alphanumerics, etc.) and frequently they have additional “security questions” or other bits of info that you need to maintain alongside the username/password. And you can’t ever always get the same username at all these place either.

Enter password managers – and enter the one that I care about, KeePassX:

KeePassX: Edit Entry(Screenshot from the KeePassX website)

Feature Set

I tried several password managers before settling on KeePassX. It wasn’t a hard choice because only KeePassX offered me the set of features that I was looking for in a password manager:

• Generate passwords according to specified criteria
• Cross-platform
• Free Software (Prefer GPL)
• Toggle password visibility in application
• Allow notes for each account
• Easy search of all accounts

Generating Passwords

There are simply so many sites that you need to create an account on that it is easy to fall into the trap of being lazy and using the same or similar username / password combination across multiple sites.

Since KeePassX can quickly generate passwords according to a quite flexible set of criteria, it nicely mitigates this danger:

KeePassX: Generate Password

As you can see from the screenshot, you will probably be able to meet all or most of the password requirements laid upon you.

Once you get into the habit of using KeePassX, it’s actually quite simple to use 12+ character passwords even on the most trivial sites. 

Of course, you don’t have to use KeePassX to generate passwords, you can enter them in directly as well.

Cross-Platform

If you move around a bit, and especially if you work on multiple architectures, it’s very nice to have KeePassX on a USB drive in different formats. You can run it on all major platforms and easily access your password database.

And, since it is Free Software there are several programs that can use your database even on platforms where KeePassX hasn’t yet been ported (like the iPhone). Huzzah!

This does raise the issue of having multiple copies of your password database floating around. You might do well to adopt a “master” location that is the only one that gets any adds or edits to help prevent “missing” passwords.

Notes for each account

Another wonderfully annoying feature are the “security questions” that an increasing number of sites require. Or the additional information like Account Number or whatever else is needed in conjunction with a standard Username / Password pair.

KeePassX allows free-form commenting on each account. I don’t know what the size limitations are for a comment entry, but I have a few that are quite lengthy and haven’t ran into any problems there.

Other small and neat things

KeePassX has several other small and nice touches that ease use (some of which I rely on, some of which I don’t have much need for): you can toggle visibility on the usernames and passwords. It is easy to copy the username and/or the password to the clipboard, to be pasted into the awaiting text control. It’s quite fast in all areas of operation. You can “group” passwords as you like. You can quickly search. You can set an “active” period for passwords. You can export to text file. And so on.

Summary

I really like KeePassX and it fills my needs well. The only complaint I have is that I wish you could set a “master” database to replicate/sync to, because I still sometimes add or edit an account on my “travelling” copy. It’s never more than a minor inconvenience to patch things up, but I have to complain about something.

I’d also be interested in hearing if you have a password management solution that you think is preferable or comparable to KeePassX.