|
Custom Search
| |
|
Inside This Article How to use KeePass in a more secure way On this page, we will talk about how to use some of the advanced features in KeePass that can be used to combat sophisticated keyloggers (spy software) such as those with clipboard memory dump, screen capture, mouse clicks capture, or other capacities. Note that no security is 100% bulletproof. Choose carefully the ones that best suit your needs. 1. Use Enhanced clipboard method. In KeePass main window, click menu bar on the top Tools -> Options. When the Options window opens, click Memory tab.
There are two clipboard behaviors to choose from: Timed and Enhanced. You should choose "Enhanced: allow pasting only once and protect against clipboard spies." Note: KeePass The Enhanced behavior may not work
correctly on some systems, especially if any
clipboard enhancing tools or something like that are
used. If you notice any problems with this enhanced
method, KeePass recommends that you switch back to
Timed method. 2. Disable unsafe operations. In KeePass main window, click menu item Tools -> Options. When the Options window opens, click Security tab. Find the checkbox "Disable unsafe (security-critical) operations like exports, etc." and check it.
3. Use more secure password edit controls. In KeePass main window, click menu item Tools -> Options. When the Options window is opened, click Security tab. Find the checkbox "Use more secure password edit controls" and check it. See screenshot above. KeePass was the first password manager featuring more secure edit controls. The edit controls used in KeePass are resistant to password revealers and password control spies. Additionally, the entered passwords are protected against memory dumping attacks: the passwords aren't even visible in the process memory space of KeePass! If you want to know more about how it works internally, read the following article by Dominik Reichl (the KeePass author) about secure edit controls: CSecureEditEx - A More Secure Edit Control 4. Always let KeePass generate random password for you. In KeePass main window, click menu item Tools -> Options. When the Options window is opened, click Advanced tab. Find the checkbox "Automatically generate random password" and check it.
When you create a new password entry, KeePass automatically fills the Password field with a random password of 20 characters in length by default. The default character sets used to generate the password are
There are 6 other character sets to use. Do use them if the site or application you create the password for allows them. You can overwrite the auto-generated password by
using the Password Generator that comes with
KeePass. Click the Gen button next to Repeat
Password field to bring up the Password Generator. Make sure that the password you generated is at least 8 characters in length. Actually, the longer the better if no length limit for the password is enforced. If there is no requirement about what characters you can use for the password, always mix some non-alphanumeric characters in it.
5. Use master password and key file combination. KeePass supports combining the two locking methods - master password and key-file. KeePass database can be locked using a master password and a key-file. If you lose one of them, you cannot unlock/open your database. On the other hand, if someone steals your key-disk (which contains key-file) and password database, the database is still secure because the attacker doesn't know your master password. 6. Use KeeForm to fill a web form. KeeForm is a KeePass form filler utility. KeeForm is designed to simplify the process when you log into an online application such as Hotmail or standalone application such as Yahoo Messenger. After you set up KeeForm correctly, what you need to do when log into a site is just double click the URL field in KeePass. Then KeeForm will take you thru the following process automatically:
Keeform is keylogger safe. 7. Open URL in Mozilla Firefox instead of Internet Explorer. For security reasons, some people trust Mozilla Firefox more than Internet Explorer. If Firefox is not your default browser, you can still get KeePass to open a URL in Firefox automatically. Refer to article Open URL in different web browsers for more information. 8. Use Auto-Type. KeePass features an "Auto-Type" functionality. This feature allows you to define a sequence of keypresses, which KeePass can automatically perform for you. The simulated keypresses can be sent to any other currently open window of your choice (browser windows, login dialogs, ...). 9. Use On-Screen Keyboard (OSK). On-Screen Keyboard can be used to enter master password and other information for a password entry. Here the purpose of using On-Screen Keyboard is to avoid keystrokes that can be tracked by keyloggers. However, with the availability of KeeForm or other excellent ways to combat keyloggers, I don't see the usefulness of using on-screen keyboard on your own computer as it's quite cumbersome to use.
At times you may want to use it when you use public computers in library, hotel, or internet cafe.
|
Copyright © 2024 GeeksEngine.com. All Rights Reserved. This website is hosted by HostGator. No portion may be reproduced without my written permission. Software and hardware names mentioned on this site are registered trademarks of their respective companies. Should any right be infringed, it is totally unintentional. Drop me an email and I will promptly and gladly rectify it. |
Home | Feedback | Terms of Use | Privacy Policy |