Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

KeePass tutorial: Using the free password-management tool

Enterprise employees regularly use many systems that require passwords, and if they're doing it right, all of their passwords are unique.

With credentials for network shares, Web applications, email and so much more, it's impossible to remember each one, which is why many users keep a list of their credentials. Unfortunately, these lists are rarely encrypted, and that is a security disaster waiting to happen. If only there was an easy way to encrypt and securely store credentials. Luckily, there is: KeePass.

In this SearchSecurity screencast, Keith Barker, a trainer for CBT Nuggets LLC, demonstrates how to use KeePass, an easy-to-use password-management tool that enables enterprise employees to encrypt and securely store passwords.

KeePass stores credentials for users in an encrypted database that can be housed locally or in the cloud. To access the database, users can opt to use multifactor authentication, which includes a complex master password and file, making it impossible to gain access with only one factor. KeePass is free to download from its website and installs quickly, and while it is designed for Windows, variants exist for other platforms.

Once installed, users can create new databases to house their credentials. Each database can be organized with customizable folders. KeePass can automatically generate complex passwords, and users can customize the password length and character requirements for each credential. KeePass also allows users to open the websites directly and will auto-fill credential data into username and password entry fields. One of the neat features of this tool is that if a user copies a credential, it will only hold it in the clipboard for 12 seconds before deleting it, adding yet another level of security.

About CBT NuggetsCBT Nuggets
CBT Nuggets creates cutting-edge online IT training in topics including network security, server administration and more. Train 24/7 from any device. Try CBT Nuggets with a seven-day free trial and train on a variety of topics, including Cisco security, Wireshark, Linux and more! Watch. Learn. Conquer.

About Keith Barker
Keith Barker, CISSP, is a trainer for CBT Nuggets and has more than 27 years of IT experience. He is a double CCIE and has been named a Cisco Designated VIP. Barker is also the author of numerous Cisco Press books and articles.

View All Videos

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

I am a huge advocate of password management tools and I used KeePass for a year or so before LastPass came out. LastPass also has a free version, but I pay the yearly $12 fee for the added features and 2FA (two-factor) authentication.

The idea of a simple program to store and encrypt a password vault is an excellent idea all around. It is much easier than trying to secure a notebook full of passwords, though it is possible to be reasonably secure with the proper precautions, such as keeping the book in a locked drawer or in a wallet in your pocket.

I have had quite a few clients thank me for telling them about KeePass, LastPass and others along the way. It makes their computing lives much easier.

More good advice on my blog Security Corner