KeePass Password Safe review
Passwords will always be one of the weakest links in any security chain. In order to maintain security, your password needs to be complex, but it should also be changed on a regular basis. What’s more, you shouldn’t use the same password for different sites and services. So it’s a good idea to encrypt your passwords in a locally held database application that will automatically enter them as required.
TK8 Safe is at the budget end of the password-management market, which means sacrifices are made. These include AES 128-bit encryption rather than 256-bit. Although passwords are safer at 128-bit than in plain text, if you’re investing in specialist software you may as well go for the best security possible.
For a couple of pounds more, Sticky Password offers plenty of encryption choices as standard, including Twofish, Ghost, Sapphire II and FROG. Typical of next-generation password-management applications, it integrates with both Internet Explorer and Mozilla Firefox, automatically logs into sites and services, handles password backup and secure password generation. The ability to unlock the password database by using any supported USB or Bluetooth device as an authorisation dongle, without a master password requirement, adds to the risk of compromise, though. Thankfully, you can use a strong password instead.
When it comes down to weighing features against price, there can only be one winner in the budget sector: KeePass Password Safe. Being open source, it’s totally free, yet without sacrificing power. You get a choice of using either AES or Twofish, both with 256-bit key sizes, and this encrypts the entire database, so your usernames, notes and personal information are hidden as well. You can use a double-authentication process of a key disk and a password in order to access the database if you want even tighter security. There’s in-memory password protection to prevent them being revealed even if Windows caches the KeePass process to disk and security-enhanced password edit controls to prevent third-party edit control spies working – passwords entered in those controls aren’t left visible in the process memory of KeePass.
If you want to invest more, it’s worth considering Dekart Password Carrier. Combining its software-based encryption, storage and auto-login features with your USB-based removable hardware, this doubles the security: not only would someone need to crack your master password to access your database, but they’d first need that USB flash drive or even a supported biometric reader. And, being able to carry all your passwords around to use wherever you log in is convenient too. AES 256-bit encryption keeps them safe, and when you sign in to a new site or service it will automatically add details to the database.