Keepass password safe?

Ah yes I remember that happening I wasn't concerned then and certainly not now :) I firmly believe that Lastpass is one of (if not the) best passwords managers currently available by a mile :)

Stoner81.
 
well I'm now using lastpass but just the free version, I'm not to fussed about any security concerns, if any, as I'm only using it for forums like this and sites that have none of my bank details.

thanks for the help guys:)
 
well I'm now using lastpass but just the free version, I'm not to fussed about any security concerns, if any, as I'm only using it for forums like this and sites that have none of my bank details.

thanks for the help guys:)

No worries and welcome to the wonderful world of Lastpass! The premium version is only needed if you need it for mobile platforms like your smartphone, tablet etc. Everything else you get in the free version :) it's one of the many reasons why I like it so much (and I've paid for it).

Stoner81.
 
Use to love using lastpass I found it way more easier and lazier, keepass is great but it does not auto login on websites, maybe I just aint tweaked it right though.

It auto fills and then I have to hit login etc, it also fails on ebay and few other odd sites I visit regularly not a biggy but a quick refresh or hitting the detect forms keepass button it detects it.

The only reason why I kept keepass is the file with all my passwords or life as we know it is stored locally where no one can get at it !

But if I understand the above, the file is encrypted on last pass servers and only decrypted on your Pc side ?

I guess the thought or idea of an American company which is NSA bound having access to your encrypted file is off putting.
 
If I was to install Lastpass/Keepass would I have to add all my sites and their usernames & passwords or would it be better to just enter usernames and let it generate a random password for the site?
 
It'll learn as you browse the sites and enter passwords (or the browser auto enters them), likewise if you go onto any site it doesn't know about and register there's always an option to generate a password for you.

It wont' try to log into a site until you've done it once and told it to remember the password
 
The only reason why I kept keepass is the file with all my passwords or life as we know it is stored locally where no one can get at it !

But if I understand the above, the file is encrypted on last pass servers and only decrypted on your Pc side ?

You are nearly right, I think you got your wires crossed somewhere ;)

Lastpass stores a copy of your encrypted data on your PC, when you "login" through the plugin the process then decrypts the data you have stored so you can access all your logins and all your other data. When you make any changes to the file your PC stores is then encrypted and that encrypted file is sent to the Lastpass server. The encryption and decryption processes only ever occur locally on your PC, so your master password is never sent directly to Lastpass.

I guess the thought or idea of an American company which is NSA bound having access to your encrypted file is off putting.

That doesn't make any difference, your email address and master password are hashed which is a one way process. It is mathematically infeasible to go backwards. Even if Lastpass were ordered by a court to hand over your data that data is still useless because only YOU have the key to unlock it. Lastpass never know what your master password is because by the time you login that password has been hashed so it looks like gibberish.

If I was to install Lastpass/Keepass would I have to add all my sites and their usernames & passwords or would it be better to just enter usernames and let it generate a random password for the site?

If you install Lastpass to say Firefox and that is where you have all your current passwords stored Lastpass will offer to import them all in to Lastpass and disable the built in password manager in your browser.

Keepass I have no idea on since I have never used it.

Stoner81.
 
Last edited:
Thanks for clearing that up, do you use xmarks also in conjunction with last pass?

I found xmarks pretty cool at least I always had my bookmarks always backed up daily, I wonder though if that was in the same principle as last pass is perhaps its encrypted xmarks server side.
 
You are welcome, I never heard of xmarks but I use MozBackup to backup my Firefox profile every now and then which does the same thing plus more besides.

Stoner81.
 
Mozbackup suffices for what I need, I don't add new bookmarks very often at all these days so scheduled backups are rather pointless for me.

Stoner81.
 
Just to also add to Lastpass, I have used it for years and my company also uses it for site passwords we pay for the business side which allows to sync passwords across accounts so when we are working on sites we never have to bother other people and get them to send it over email or skype.

I do love lastpass, saves me hours of time in my job :)
 
I tried using Keepass but found that it didn't tick all the boxes. As an example my bank needs username, password and then three letters from a memorable word. Lloyds Clicksafe needs you to remember a sentence and letters from a memorable word, likewise Barclaycard.

I now use AX Crypt. I created a simple word table document for all passwords, user names etc. I'm able to enter which email address I use with each site etc etc

Additionally I try to make passwords esoteric only to me eg, I might use "Slaughterh0use5" as a password, but written in my table I'd enter "abattoir3+2" followed by "zero". Reminding me I've substituted "o" with "0"

With AX Crypt you only need to remember one password in your head.
 
I tried using Keepass but found that it didn't tick all the boxes. As an example my bank needs username, password and then three letters from a memorable word. Lloyds Clicksafe needs you to remember a sentence and letters from a memorable word, likewise Barclaycard.

Use the Notes part of KeePass.
 
Just to also add to Lastpass, I have used it for years and my company also uses it for site passwords we pay for the business side which allows to sync passwords across accounts so when we are working on sites we never have to bother other people and get them to send it over email or skype.

I do love lastpass, saves me hours of time in my job :)

Just tried the personal version and it's well conceived.
Only problem is that it doesn't work with apps that require a login (origin/EA games etc....)

Also the mobile version is unique which is a pity they don't have a family version for mobile....

I suppose for 12€ per year though can't complain.
 
Last edited:
KIA - If my memory serves me well, I seem to remember that when I tried KeePass albeit years ago, that when I'd tried pasting passwords from KeePass via the clipboard that some sites wouldn't allow pasting?

At the time I liked the look of the program, especially where it generates passwords etc but just found it too difficult to use. I think the program was beyond my capabilities.

I've updated Keepass and had another look at it. I might use it in conjunction with my AX Crypt Windows table to generate a much safer password to AX Crypt itself. Thanx
 
Back
Top Bottom