A solution to the password nightmare. The most common means of controlling access to IT is a username and password.
This works well for many applications as is flexible and simple to implement. There is however one major problem with passwords – You have to remember them!!! If you only have one or two passwords this is not a problem, but many IT users have many systems they need to log into. If you work in IT, like I do, it is not unusual to have to remember 20 or more different passwords. Usually you are forced to change these on a regular basis and they have to contain numbers and/or strange characters. For the normal mortal (well for me anyway) this is impossible to do without “cheating”. One way is to write them down, another is to make all the passwords the same, or slightly different versions of the same thing. This fundamentally undermines the security of using passwords. Enforcing policies like changing passwords regularly just seems to make things worse instead of better, as more people adopt more coping strategies.
KeePass is a free, opensource program that I have found to be the perfect solution. It provides a secure password manager that will essentially remember all your passwords for you, and type them in when you need them. The result is you only need to remember ONE password. Password managers are nothing new, but any I have came across in the past have been unsuitable (in terms of either security or usability). This little program simply does everything right to provide a very secure way of storing your passwords, while making it easy to access the various systems. I have found it works well over terminal server with the ‘autotype’ facility and I keep the software and database on a usb key so I can access it from various PCs. With a little configuration, it is extremely flexible. I highly recommend using KeePass for all your passwords. For many users and IT professionals it is a very necessary quality application.