Using KeePass to Manage Passwords

The University’s IT Digital Password Management Policy requires regular management of passwords associated with accounts used to access University resources. There are tools, called Password Managers, which can be used to make organising these passwords easier. This article will describe how a password manager named KeePass can be used.

Please note: Tool use is not mandatory. Please exercise caution when using this tool. If your KeePass password is lost or forgotten, IT Services can not restore it. Support for troubleshooting KeePass issues is minimal and should be directed to the vendor.

KeePass Overview

KeePass is a free tool that can create, store and organise passwords. It is available for all major platforms, such as Windows, macOS, Linux, iOS and Android. The homepage is https://keepass.info

Using KeePass, you create an encrypted password database, in which you store your keys (passwords), organised into folders.  The database has a strong password (master password) to protect it. Once you enter the database master password, you can then access all your keys and see the passwords unencrypted.

Installing KeePass 2.x on Windows

  1. Make sure you have administrative rights on your computer
  2. Download the installer from https://keepass.info/download.html
  3. Run the installer, accept the agreement, and choose the default options
  4. When the install is done, make sure Launch KeePass is done, then click Finish
  5. When asked, choose Enable to have KeePass check for updates automatically

Setting Up KeePass

When you first open up KeePass, it opens to the main window, like you see below.

There are two steps to start using KeePass. Step 1 is to create a password database and master password, and Step 2 is to create and store passwords.

Step 1: Create a new database

1. Click on File -> New…

2. You’ll be asked where to save the file. It is recommended to save it in your Documents folder (this is the default location). Keep the same file name (Database.kdbx). Click Save.

3. Next you’ll create the master password. This is the only password you will need to remember, since KeePass will remember all your other passwords for you. On the other hand, this password does provide access to all our other accounts, so you better make it good.

We recommend you use a very long password (more than 16 characters) for your master password. Consider using a phrase or sentence. Make it something you’ll remember!

When you’ve typed the master password into both fields correctly, click OK.

4. The next dialog will ask you for some database properties. Just click OK to continue.

5. KeePass will offer to print an Emergency Sheet that contains details (including the master password of your database.) It is recommended that you print the Emergency Sheet if you have a printer and a secure place to store it.

6. You’ve now completed creating a database and master password!

Your initial database will look like this:

Note that there are folders / categories in the left pane and on the right are your keys (password entries). These can be drag-and-dropped between the folders on the left-hand side to organise them.

Step 2: Adding password entries

1. Right-click in the right-hand pane and select Add Entry… A dialog like the following will open.

2. Notice that there are a number of fields, such as Title, User name, Password, URL and Expires.

URL is an optional field and is the web address of the site where the password is used.
Expires is a date field used for passwords that expire, like your UWin Account password. KeePass will put an X over a password that is expired to indicate that it can’t be used.

Fill the fields in as appropriate, then click OK.

3. You’ve now added an entry.

Here’s an example how to complete the fields, assuming you changed your password today (e.g. 2019-05-09, May 9, 2019).

Title: UWin Account
User name: jtester
Password: <account password>
Repeat: <account password>
URL: http://www.uwindsor.ca/uwinid
Expires: Check the box and enter a date 3 months from today (e.g 2019-08-09). You can use the convenient pre-set timer to set a date 3 months in the future.

You can continue to add entries for all your accounts and passwords so that you no longer have to remember them individually. Simply put them in KeePass and you only have to remember the master password.

Using Passwords

KeePass makes it really easy to use entries in the database. When you are asked to log into a site or application, you can drag and drop the username and password from KeePass right into the login fields. You can also use Ctrl-B to copy the username or Ctrl-C to copy the password to the clipboard.

Below you can see how to drag and drop:

  1. Left-click and hold on the entry in the username (or password) column.
  2. Drag it into the appropriate login field.
  3. Release the left mouse button.

The value you dragged now appears in the field.

Advanced Features

Password Generator

One of the biggest issues for computer users is creating passwords. KeePass contains a password generator that can create passwords for you. You can easily configure it so that it automatically creates passwords that satisfy the UWin Account password specification.

Click on the Tools menu, then select Generate Password... This will bring up the Password Generation Options dialog. What we are going to do is create a custom profile that generates passwords using a pattern.

First, select the radio button next to Generate using a pattern.

In the pattern field, enter the following (uppercase L, lowercase L): LldsA{6}

Next click the checkbox for Randomly permute characters of password

Finally, at the far side of the Profile drop-down, click the Save button. It will ask you to name the profile. Enter uwin-account then click OK.