Security - Locking Down Your Passwords with KeePass
by Nick Nelson
A knowledgeable system administrator would never access their server via telnet, but how many of you keep your root passwords in a plain text file? Storing root passwords safely is critical, yet it is most often not done. Many hosts with multiple servers feel that a password-protected Excel file is secure enough to transmit across the Internet; however, this is the equivalent of telnetting into your server from your local cybercafe.
KeePass Password Vault is the answer to these concerns. KeePass stores passwords in a highly encrypted database. KeePass databases use the best and most secure encryption algorithms currently known (AES and Twofish). Both ciphers are of military strength, and even with all the computers in the world attacking just one database, decrypting it would take longer than the age of the universe.
The KeePass database can be decrypted using one master password or a key-disk, which is a file you simply have to carry with you, either on floppy disk or CD. I store KeePass and its database on a Biostik USB drive, which features biometric fingerprint scanning technology to ensure one more layer of protection on your priceless database of passwords.
You can encrypt the KeePass database and distribute it throughout the Internet with confidence: as long as the master password or key files are not leaked, your KeePass database is safe no matter who gets hold of it.
The password list can be exported to various formats such as TXT, HTML, XML or a printer-friendly version. KeePass also features a strong random password generator through user input. You should never use the same password on multiple servers; with KeePass you can use a different, completely random password on each server or personal account (including your banks, forums, and email accounts).
Whether you use KeePass or another password storage application, you need to ensure that strong encryption is used, such as AES or Twofish. You should also ensure the application is open source so you can review it for any back doors before trusting it with the root passwords to the servers that your business relies on. KeePass uses both AES and Twofish, and is also an OSI Certified Open Source application.