DOCSLIB.ORG

Keepass Instructions

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Keepass Instructions Introduction to KeePass What is KeePass? KeePass is a safe place for all your usernames, passwords, software licenses, confirmations from vendors and even credit card information. Why Use a Password Safe? • It makes and remembers excellent passwords for every site you visit. These passwords will be random and long. • It is very dangerous to either try and remember your passwords or re-use the same password on multiple sites. Using KeePass eliminates these problems. • It helps you log into websites • It stores license codes and other critical information from software vendors • It protects all your licenses and passwords with state of the art encryption making it unbreakable as long as you have a good passphrase. I made a 5 minute introductory video screencast . Go ahead and watch it. http://www.screencast.com/t/RgJjbdYF0p Copyright(c) 2011 by Steven Shank Why switch from my OCS Passwords safe to Keepass? Keepass is much better than my program. It is much more secure. My OCS Passwords is not using state of the art encryption. My program is crackable. In addition to being safer, it is even easier to use than my program and has some great extra features. In short, while OCS passwords was a good program in its time, its time has passed. Among the many advanced features, KeePass lets you add fields, copy username and passwords into websites and programs more easily, group your passwords and launch websites directly from KeePass. How Do You Switch from OCS Password to KeePass? What I've done • I worked with a programmer to write a program to convert current password databases into a text file I could import into KeePass. All your information and notes will be converted except for the date you created the record. The Company and Program will be merged into Keepass's Title field. Version and contact are added to your notes field. All notes are brought forward including the formatting. • I wrote instructions and made screencasts to make the transition as easy as possible. • If I convert your data for you, I'll send you back your file and then securely erase all your data. • I will not charge you to convert the data from OCS Passwords to KeePass. What I want you to do You can just start using KeePass instead of my program. However, if you'd like all your passwords converted to the new program, I can help you do that. Send me your passwrd.tps file and call me with the short simple password you want used on the new program. You'll normally find the file in c:\security\passwords. I'll email you back a Keepass database with all your passwords in it. It will be encrypted with the password you sent me. You can download Keepass at: http://keepass.info/download.html . You want version 2.17 installer for Windows. The program is free and open source. Watch the introductory video at: http://www.screencast.com/t/RgJjbdYF0p Read the Quickstart guide that follows. That is all that is necessary, but it would be helpful to read more of the information in this newsletter to learn to get the most from KeePass. KeePass Quickstart: What you absolutely need to know. KeePass can be downloaded from: http://sourceforge.net/projects/keepass/files/ Adding an Entry: Do not add the entry into the website you are making the entry for. Add it to KeePass first. Then copy to the website. To add an entry just click the Add Entry item in the toolbar, or right click in the right panel and select Add Entry or just press the INSert button on your keyboard. Making Passwords : Passwords are automatically generated for you. If those aren't what you want, use the built-in password generator ( Tools/Generate Password ) to build one to the requirements of the site. Of course, you can always simply type in whatever passwords you like. A 2 minute video showing how to use the password generator is here: http://www.screencast.com/t/eUNX5CBMQ Showing and hiding passwords: CTRL-H will toggle between showing and hiding passwords. Saving your Passwords : Make sure to save the password file by pressing the Save icon in the toolbar or CTRL-S. Double clicking Double clicking does different things depending on what you point to. Instead of double clicking to copy, you can drag and drop the username and password to their entry slots. Show KeePass Hotkey: Left Ctrl-Alt-K is the hotkey to show KeePass, so if it is buried behind other windows, you can bring it forward with this hotkey. Clearing the Clipboard: It is dangerous to leave your passwords in the clipboard after you copy them, so KeePass automatically clears the clipboard for you. By default it does this in 12 seconds. This seems a little fast to me, so I change it to 20 or even 30 seconds. Tools/Options/Security: Clipboard auto-clear time (seconds). Locking KeePass: I recommend locking KeePass after 1 or 2 hours of non-use. This forces someone who accesses your computer when you leave to enter your password. Tools/Options/Security: Lock workspace after KeePass inactivity (seconds) . 3600 seconds is 1 hour. 7200 seconds is two hours. Saving KeePass: To automatically save KeePass check the Automatically save when closing/locking the database box in Tools/Options/Advanced. How can I make a good Master Password ? No encryption can be any better than the password you use for that encryption. That is why you want KeePass to make long random passwords for you. But you must make the password to KeePass. The 4 rules for a good passphrase: • Unguessable • Long (over 20 characters) • Wide: each character from a large pool of possible characters • Easy for you to remember and type Two Steps to Great Passwords: for example, 1. You could start with a phrase like: I am happy with KeePass . Notice that it has upper and lower case letters and a symbol, but is without any numerals. It is already 24 characters long. 2. You Pad it. Since it is short on numerals and symbols, let's pad it with 333/// adding 6 more characters. Six additional characters will make it over 500 billion times harder to crack (90^6). Another way to look at it is that it turns every minute of cracking time into a million years. Your passphrase is now 333///I am happy with KeePass. At 30 characters it will take a computer which could attempt 100 billion guesses a second 6.90 hundred trillion trillion trillion centuries to guess your passphrase. Your master password is entered by pulling down the File menu and selecting: Change Master Key... Creating Passwords with Keepass Select the Generate password option from the Tools menu. You'll notice that you have lots of options for creating passwords and also Profiles to name them. I recommend creating at least three standard profiles: 1. A default profile to use as the normal way to create passwords. You will save this as "Automatically generated passwords for new entries". I suggest 30 to 50 characters using upper and lower case, digits, the minus and underscore and special characters. These will automatically be created and filled into any new entry you create. 2. Save this configuration again with a descriptive name, like 40 characters - All groups 3. A restricted system for those insecure sites that don't let you have long passwords or use special characters. For these I recommend 12-18 characters, upper and lower case and numerals. All you need to do to make a profile is to configure it from the menu and then save it with a name. You can delete any profile you don't use. Demo video here: http://www.screencast.com/t/eUNX5CBMQ HotKey Login with KeePass You can easily setup KeePass to login to most websites at the press of a global Hotkey. The default is CTRL-ALT-A. KeePass will see if it can match a password record to the website you are on, and if so, it will log you in. I use this to login to every website I use except for banking and Paypal which require extra login hoops. How to make it work for a website. When you go to a website, you'll notice the tab in your browser has a name. If part of that name can be your title, then KeePass will make the association and you don't need to do anything else! Example 1. In the above example, the Firefox tab where I login to books on board says, "BooksOnBoard - largest independent..." . Since the name of the site is booksonboard, I simply made the title match the beginning of the entry. Now, when I go there, I press CTRL-ALT-A and KeePass matches the appropriate record and logs me in. Example 2. But, you don't need to match the beginning. You can match anywhere in the tab label. Linked-In's page has the words "LinkedIn" past the ... above. I saw it by hovering over the tab. Since LinkedIn is somewhere on the tab, I can make my title Linkedin and KeePass can match the page and log me in. Example 3. What if their title isn't any good for your title? Occasionally, the tab title doesn't provide useful information. For example, when I login to my Postini account it looks like this: Obviously, I can't title my password record for Postini "Log in", so I use an alternate approach. From the Edit Entry screen I select Auto-Type and then Add to do a custom sequence.
Load more

Recommended publications
  • Privacy and You the Facts and the Myths
    Privacy and You The facts and the myths Bill Bowman and Katrina Prohaszka Clarkston Independence District Library 1 Overview ● What is privacy? ● Why should you care? ● Privacy laws, regulations, and protections ● Privacy and libraries ● How to protect your privacy → need-to-know settings 2 “[Privacy is] the right to What is Privacy? be let alone” - Warren & Brandeis, 1890 3 What is Privacy cont’d - Alan Westin (1967) on privacy: - “[privacy is] the right of individuals to control, edit, manage, and delete information about themselves, and to decide when, how, and to what extent information is communicated to others.” - Privacy provides a space for discussion, growth, and learning - Privacy is the ability to control your information and maintain boundaries 4 DEMO → Ghostory 5 What Privacy Is NOT - common myths Myth: Privacy and secrecy Myth: Privacy and security are the same are the same - Privacy is about being - Privacy is about unobserved safeguarding a user’s identity - Secrecy is about intentionally hiding - Security is about something protecting a user’s information & data 6 Evolving Concerns - Persistence of cameras and microphones - Think 1984 by George Orwell - “big brother” is always watching, and “it’s okay” - Social media culture - “Tagging” people without knowledge - Sharing photos without asking - Data as currency - 23andMe, Ancestry.com, Google, etc. 7 “Arguing that you don’t Why should you care about privacy because you have nothing to hide is no different than care? saying you don’t care about free speech because Why
    [Show full text]
  • Keepass Password Safe Help
    KeePass Password Safe KeePass: Copyright © 2003-2011 Dominik Reichl. The program is OSI Certified Open Source Software. OSI Certified is a certification mark of the Open Source Initiative. For more information see the License page. Introduction Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem... A serious problem. He would have access to your e-mail account, website, etc. Unimaginable. But who can remember all those passwords? Nobody, but KeePass can. KeePass is a free, open source, light-weight and easy-to-use password manager for Windows. The program stores your passwords in a highly encrypted database. This database consists of only one file, so it can be easily transferred from one computer to another. KeePass supports password groups, you can sort your passwords (for example into Windows, Internet, My Website, etc.). You can drag&drop passwords into other windows. The powerful auto-type feature will type user names and passwords for you into other windows. The program can export the database to various formats. It can also import data from various other formats (more than 20 different formats of other password managers, a generic CSV importer, ...). Of course, you can also print the password list or current view. Using the context menu of the password list you can quickly copy password or user name to the Windows clipboard.
    [Show full text]
  • Privacy Handout by Bill Bowman & Katrina Prohaszka
    Privacy Handout By Bill Bowman & Katrina Prohaszka RECOMMENDED PROGRAM SETTINGS 2 WEB BROWSER SETTINGS 2 WINDOWS 10 4 SMARTPHONES & TABLETS 4 EMAIL 5 SOCIAL MEDIA SETTINGS 5 Instagram 5 TikTok 6 Twitter 6 Snapchat 7 Venmo 7 Facebook 8 RECOMMENDED PRIVACY TOOLS 10 WEB BROWSERS 10 SEARCH ENGINES 10 VIRTUAL PRIVATE NETWORKS (VPNS) 10 ANTI-VIRUS/ANTI-MALWARE 10 PASSWORD MANAGERS 11 TWO-FACTOR AUTHENTICATION 11 ADDITIONAL PRIVACY RESOURCES 12 1 RECOMMENDED PRIVACY TOOLS WEB BROWSERS ● Tor browser -- https://www.torproject.org/download/ (advanced users) ​ ​ ● Brave browser -- https://brave.com/ ​ ● Firefox -- https://www.mozilla.org/en-US/exp/firefox/ ​ ● Chrome & Microsoft Edge (Chrome-based) - Not recommended unless additional settings are changed SEARCH ENGINES ● DuckDuckGo -- https://duckduckgo.com/ ​ ● Qwant -- https://www.qwant.com/?l=en ​ ● Swisscows -- https://swisscows.com/ ​ ● Google -- Not private, uses algorithm based on your information VIRTUAL PRIVATE NETWORKS (VPNS) ● NordVPN -- https://nordvpn.com/ ​ ● ExpressVPN -- https://www.expressvpn.com/ ​ ● 1.1.1.1 -- https://1.1.1.1/ ​ ● Firefox VPN -- https://vpn.mozilla.org/ ​ ● OpenVPN -- https://openvpn.net/ ​ ● Sophos VPN -- https://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx ANTI-VIRUS/ANTI-MALWARE ● Malwarebytes -- https://www.malwarebytes.com/ ​ ● Symantec -- https://securitycloud.symantec.com/cc/#/landing ​ ● CCleaner -- https://www.ccleaner.com/ ​ ● ESET -- https://www.eset.com/us/ ​ ● Sophos -- https://home.sophos.com/en-us.aspx ​ ● Windows Defender -- https://www.microsoft.com/en-us/windows/comprehensive-security (built-in to ​ Windows 10) 2 PASSWORD MANAGERS ● Lastpass -- https://www.lastpass.com/ ​ ● KeePass -- https://keepass.info/ ​ ● KeeWeb -- https://keeweb.info/ ​ ● Dashlane -- https://www.dashlane.com/ ​ TWO-FACTOR AUTHENTICATION ● Authy -- https://authy.com/ ​ ● Built-in two-factor authentication (some emails like Google mail, various social media, etc.
    [Show full text]
  • Online Security and Privacy
    Security & Privacy Guide Security and Privacy Guide When thinking about security and privacy settings you should consider: What do you want to protect? Who do you want to protect it from? Do you need to protect it? How bad are the consequences if you fail to protect it? How much trouble are you prepared to go to? These questions should be asked whilst considering what information you are accessing (which websites), how you are accessing the information, (what device you are using) and where you are accessing the information (at home, work, public place). Security & Privacy When looking at your Digital Security you are protecting your information against malicious attacks and malware. (Malware is software intentionally designed to cause damage to a computer). Digital Privacy is different as you are deciding what information you are prepared to share with a website or App (or its third party partners) that you are already using. Permission to share this information can be implicit once you start using a website or App. Some websites or Apps will allow you to control how they use your information. Security Physical access: How secure is the device you are using? Is it kept in a locked building, at home, or do you use it when you are out and about? Does anyone else have access to the device? Do you require a passcode or password to unlock your device? Virtual access: Have you updated your IOS software (on an iPad) or installed the latest anti-virus software on your device? Most devices will prompt you when an update is available.
    [Show full text]
  • Password Managers an Overview
    Peter Albin Lexington Computer and Technology Group March 13, 2019 Agenda One Solution 10 Worst Passwords of 2018 Time to Crack Password How Hackers Crack Passwords How Easy It Is To Crack Your Password How Do Password Managers Work What is a Password Manager Why use a Password Manager? Cloud Based Password Managers Paid Password Managers Free Password Managers How to Use LastPass How to Use Dashlane How to Use Keepass Final Reminder References March 13, 2019 2 One Solution March 13, 2019 3 10 Worst Passwords of 2018 1. 123456 2. password 3. 123456789 4. 12345678 5. 12345 6. 111111 7. 1234567 8. sunshine 9. qwerty 10. iloveyou March 13, 2019 4 Time to Crack Password March 13, 2019 5 Time to Crack Password March 13, 2019 6 Time to Crack Password March 13, 2019 7 Time to Crack Password Time to crack password "security1" 1600 1400 1200 1000 Days 800 Days 600 400 200 0 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 Year March 13, 2019 8 How Hackers Crack Passwords https://youtu.be/YiRPt4vrSSw March 13, 2019 9 How Easy It Is To Crack Your Password https://youtu.be/YiRPt4vrSSw March 13, 2019 10 How Do Password Managers Work https://youtu.be/DI72oBhMgWs March 13, 2019 11 What is a Password Manager A password manager will generate, retrieve, and keep track of super-long, crazy-random passwords across countless accounts for you, while also protecting all your vital online info—not only passwords but PINs, credit-card numbers and their three-digit CVV codes, answers to security questions, and more … And to get all that security, you’ll only need to remember a single password March 13, 2019 12 Why use a Password Manager? We are terrible at passwords We suck at creating them the top two most popular remain “123456” and “password” We share them way too freely We forget them all the time We forget them all the time A password manager relieves the burden of thinking up and memorizing unique, complex logins—the hallmark of a secure password.
    [Show full text]
  • That Was Then, This Is Now: a Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers∗
    That Was Then, This Is Now: A Security Evaluation of Password Generation, Storage, and Autofill in Browser-Based Password Managers∗ Sean Oesch Scott Ruoti University of Tennessee, Knoxville University of Tennessee, Knoxville [email protected] [email protected] Abstract websites [11, 15, 25, 33]. Herley points out that this rejection Password managers have the potential to help users more of security advice by users is rational when the low effectively manage their passwords and address many of the percentage of users affected by breaches is contrasted with concerns surrounding password-based authentication. the effort required [18]. However, the number of data However, prior research has identified significant breaches is on the rise [28], and this situation leaves many vulnerabilities in existing password managers; especially in users vulnerable to exploitation. browser-based password managers, which are the focus of Password managers can help users more effectively manage this paper. Since that time, five years has passed, leaving it their passwords. They reduce the cognitive burden placed unclear whether password managers remain vulnerable or upon the user by generating strong passwords, storing those whether they have addressed known security concerns. To passwords, and then filling in the appropriate password when answer this question, we evaluate thirteen popular password a site is visited. The user is now able to follow the latest managers and consider all three stages of the password security advice regarding passwords without placing a high manager lifecycle—password generation, storage, and cognitive burden on themselves. But password managers autofill. Our evaluation is the first analysis of password are not impervious to attack.
    [Show full text]
  • Password Managers
    Password Managers A Higher Education Information Security Council (HEISC) Resource JULY 2019 Password Managers What Is a Password Manager Tool? A password manager tool is software that helps users encrypt, store, and manage passwords. The tool also helps users create secure passwords and automatically log in to websites. Who Might Use a Password Manager Tool, and Why? Users should employ unique passwords for each website or system to help minimize the impact from the breach of one website or system; however, most users cannot remember a separate password for many sites and tend to reuse passwords or write them on a sticky note attached to their computer. Additionally, organizations may have passwords that need to be shared across teams and want a secure method to do so. Password manager tools allow users and teams to more securely manage many distinct passwords and automatically log them in to websites. The Benefits of Using a Password Manager Tool Password manager tools enable users to create and securely store unique passwords for websites, applications, and other systems without having to memorize or write them down. Risks to Consider When Using a Password Manager Tool Special care should be taken to secure the password tool, as it will grant access to all passwords. The “master” password that grants access to the tool should be very strong and unique, and multifactor authentication should be used if possible. Almost all modern commercial password managers allow users to implement some form of multifactor authentication. You will also need to decide whether you want your password management tool to store passwords locally or in the cloud.
    [Show full text]
  • Elcomsoft Distributed Password Recovery Unlocks 1Password, Keepass, Lastpass and Dashlane Vaults
    Elcomsoft Distributed Password Recovery Unlocks 1Password, KeePass, LastPass and Dashlane Vaults Moscow, Russia – August 10, 2017 - ElcomSoft Co. Ltd. updates Distributed Password Recovery, enabling the recovery of master keys protecting encrypted vaults of four popular password managers: 1Password, KeePass, LastPass and Dashlane. By attacking a single master password, experts can gain access to the entire database containing all of the user’s saved passwords, authentication credentials and other highly sensitive information. Password managers’ protected vaults may contain images of user’s documents, various identity- related information, payment and loyalty card numbers. “We’re continuing our quest on expanding the types of passwords we can break”, says Vladimir Katalov, ElcomSoft CEO. “This time we are targeting four of the most popular password managers, allowing experts gaining access to protected vaults containing users’ authentication credentials, stored logins, passwords and forms to numerous resources. With today’s password managers this only requires breaking a single master password.” One Password to Rule Them All The idea behind all password management apps is simple: allowing users to securely store, organize and use passwords required to authenticate into various resources. As the user no longer has to remember the many different passwords, the use of password managers effectively cuts password re-use and stimulates the use of strong, unique passwords to protect different resources. Password managers can even automatically generate strong, random passwords that are unique per Web site or resource, rendering both dictionary and brute-force attacks ineffective. These passwords are stored in encrypted vaults, and can be only decrypted once the user enters their master password.
    [Show full text]
  • Free Cross-Platform Password Manager Compatible with Keepass
    Personal Open source Business Explore Pricing Blog Support This repository Sign in Sign up keeweb / keeweb Watch 173 Star 3,657 Fork 224 Code Issues 70 Pull requests 0 Projects 0 Wiki Pulse Graphs Free cross-platform password manager compatible with KeePass https://keeweb.info 1,106 commits 4 branches 41 releases 14 contributors MIT master New pull request Find file Clone or download antelle Merge branch 'release-1.3' Latest commit 52701af 21 days ago .github update link in pr template 4 months ago .idea eslint 3 months ago app jshint 21 days ago electron bump version 21 days ago graphics remove old gif 3 months ago grunt/tasks validation a month ago helper fix #342: edge url detection 29 days ago package package 2 months ago util fix #376: init storages when config is read 21 days ago .editorconfig check if the app is running 3 months ago .eslintrc eslint 3 months ago .gitignore darwin keewebhelper draft 3 months ago Gruntfile.js fix update archive a month ago LICENSE.txt separate license 23 days ago LICENSES-DEPS.txt separate license 23 days ago README.md wording 23 days ago bower.json fix #315: loading keyfiles with bom 2 months ago features.md features page 8 months ago keeweb.iml fix #86: context menu 2 months ago npm-shrinkwrap.json no beta for me 2 months ago package.json bump version 21 days ago release-notes.md bump version 21 days ago README.md Free cross-platform password manager compatible with KeePass This webapp is a browser and desktop password manager compatible with KeePass databases.
    [Show full text]
  • Keepass for Windows
    IT Services Support Werftestrasse 4, Postfach 2969, CH-6002 Luzern T +41 41 228 21 11 www.hslu.ch Lucerne, 17 March 2020 Page 1/15 KeePass Short description: Installation instructions and description of the basic functions of KeePass, including browser extension for Google Chrome and Mozilla Firefox. (Windows) Classification: ☒ IT internal ☒ Public ☐ Other Customer group: ☒ HSLU ☒ PHLU ☐ Other Function: ☒ Employees/lecturers ☒ Students ☐ Other Device management type: ☒ HSLU/PHLU devices ☒ Private devices ☐ Other Operating system: ☒ Windows ☐ Mac ☐ Other Publication: ☒ hslu.ch/helpdesk ☒ Intranet ☐ Other Support: Web: hslu.ch/helpdesk Email: [email protected] Phone: 041 / 228 21 21 Portal: helpdesk.hslu.ch Lucerne, 17 March 2020 Page 2/15 KeePass List of changes Version Date Status Changes and remarks Edited by No 0.1 19/07/2017 Created scc No 0.2 04/08/2017 Edited scc No 1.0 10/08/2017 Completion Scc No 2.0 17/03/2020 Amendment browser extension kju Table of contents 1. About KeePass .................................................................................................................................... 3 2. Download and installation .................................................................................................................. 3 3. Create and configure a database ......................................................................................................... 3 4. Adding a new entry ............................................................................................................................
    [Show full text]
  • Keeweb Penetration Test Report
    Open Penetration Test Report: KeeWeb Version: 1.0.1 06.05.2020 Dr. Marcus Niemietz Phone: (+49)(0)234 / 45930961 j E-Mail: [email protected] Project Information Application: KeeWeb v1.12.3 (9b07bbd5, 2019-11-06) (https://keeweb.info) Environment: web, native Developer: Dimitri Witkowski (Antelle) Project leader: Hackmanit GmbH Universitätsstraÿe 150 44801 Bochum, Germany Project executive: Dr. Marcus Niemietz Phone: (+49)(0)234 / 45930961 Fax: (+49)(0)234 / 45930960 E-Mail: [email protected] Project members: Dr. Christian Mainka (Hackmanit GmbH) Karsten Meyer zu Selhausen (Hackmanit GmbH) Prof. Dr. Juraj Somorovsky (Hackmanit GmbH) Project period: 2020-03-16 2020-04-03 Version of the report: 1.0.1 This report was technically veried by Dr. Christian Mainka. This report was linguistically veried by David Herring. Hackmanit GmbH Represented by: Prof. Dr. Jörg Schwenk, Prof. Dr. Juraj Somorovsky, Dr. Christian Mainka, Dr. Marcus Niemietz Register court: Bochum, Germany Register number: 14896 1 Contents Contents 1 Summary3 2 Project Timeline4 3 Methodology4 4 General Conditions and Scope5 5 Overview of Weaknesses and Recommendations6 6 Weaknesses8 6.1 H01 Use of the Deprecated OAuth Implicit Grant.............8 6.2 H02 XSS via Form Fields........................... 10 6.3 H03 XSS via a Pseudo-Protocol Denition................. 12 6.4 M01 Use of an Embedded User-Agent for User Authentication...... 14 6.5 M02 Possible Access Token Injection with postMessage() API....... 15 6.6 M03 Violation of the OAuth 2.0 Best Current Practices.......... 17 7 Recommendations 19 7.1 R01 Delivering the Content Security Policy................. 19 7.2 R02 Implementing a Logout Option....................
    [Show full text]
  • The Forensic Analysis of Keepass and Password Safe
    Running head: FORENSIC ANALYSIS OF KEEPASS AND PASSWORD SAFE 1 The Forensic Analysis of KeePass and Password Safe: An Evaluation of Open Source Password Managers By Daryl R. Middleton Graduate Student Capstone Project for Information Security and Intelligence Ferris State University Advisor: Dr. Greg Gogolin, Ph.D. Full Professor Department of Information Security and Intelligence Spring, 2017 Ferris State University Big Rapids, MI FORENSIC ANALYSIS OF KEEPASS AND PASSWORD SAFE 2 ACKNOWLEDGEMENTS The process of completing a Capstone Project is one that builds on many semesters of hard work. It is a compilation of skillsets that have accumulated over the course of study and experiences crafted by talented instructors. I would like to thank Professor Greg Gogolin, Ph.D. for his ability to teach the technical aspects of Digital Forensics; yet emphasize the importance of people as part of the equation and how they are affected by the investigators findings. The deep knowledge that Professor Gogolin possesses in each subject area provided a broad platform from which to integrate disparate ideas and creative solutions. His rapid response to questions and academic guidance was critical to the success of this project. I would also like to thank Associate Professor Jim Furstenberg for his enthusiastic approach to learning especially where group collaboration is essential. His insight into time management, gathering intelligence and documenting research material was so helpful in maintaining an organized methodology from the very beginning of the project. I would like to thank Professor Hwee-Joo Kam D.Sc. for her knowledge and teaching skills pertaining to database design and security that was instrumental in helping me understand the importance of those concepts.
    [Show full text]