I’m embarrassed to admit it: for years, my password manager for travel has been me.
Until now, that is.
After swearing I’d never put my online life at risk again by taking my passwords — scribbled on a piece of paper or typed in a precarious Excel spreadsheet — with me around the world, I put hours into researching the best password management solution for my journeys abroad (my head’s still spinning).
I finally found one, and it’s called KeePassX, a free password manager with encryption tools on steroids that protect my most important personal data. A hacker will have to jump a lot more hurdles to access my passwords, which are now stronger and safer than ever. They’re also more accessible, whether I’m in Istanbul, Rio de Janeiro or home in Toronto.
KeePassX is a clone of KeePass, which I would use instead (it offers more features) but it is not Mac-compatible. KeePassX, on the other hand, is a cross-platform program. You’ll find out why that’s important further down.
Why a Password Manager?
I have collected so many online passwords over the years, it’s staggering. It’s also frightening when I consider how weak they
are were, the number of times I’ve duplicated them and the ease with which they could’ve fallen into the wrong hands or been destroyed in a disaster.
I won’t overwhelm you with the technical details (you can find some in this InfoWorld article), but a password management system uses sophisticated, powerful encryption algorithms to securely store, and provide access to, all your passwords in one place.
How do I remember all my passwords when each one is unique and looks something like “$9$uY4o0EyMWxdwgX7”? I don’t. Because KeePassX remembers them for me. Oh, and it does even more legwork by generating the lengthy, no-one-would-guess-in-a-million-years passwords so I don’t have to.
Password managers typically require you to memorize only one master password to unlock your vault of other passwords, which is stored either locally or on a cloud. The features that come with the service vary by provider: it can sync the passwords between your desktop and mobile devices, auto-fill online forms and/or store credit card numbers and important documents. Many now offer a customizable password generator and two-factor authentication for added security.
KeePassX is not the most attractive, convenient or sophisticated password manager. It offers auto-fill for Linux only so I do have to copy and paste the password from my database to a website. But the software is easy to download. It allows me to include notes with, and attach a document to, each login/password file. For even more security, I can use a key file to access my passwords. For me, KeePassX does everything I need it to do.
Travel blogger Laura Lynch of Savored Journeys uses KeePass (which is almost the same as KeePassX):
“It definitely helps me keep everything organized and safe while traveling. All you have to do is open the encrypted KeePass file with the free software by entering one master password, then you have reliable and secure access to all of your passwords.”
There is no official iOS app for KeePassX but I use SyncPass, a KeePassX-compatible third-party app, to open my database from my iPhone (only with my master password, of course). MiniKeePass (free) is another popular app.
Let’s say I need to pay a credit card bill online from Barcelona (there’s no such thing as phone banking for now, okay?). I would simply open my database with the KeePassX application on my laptop, enter my master password and retrieve the username and password for my bank. If my database is stored locally, I won’t need an internet connection to access it. Easy.
But wait… I didn’t bring my laptop, or maybe a thief made off with it. Now what? Luckily, I saved my database to my Google Drive before I left home, so from my iPhone I would use a secure internet connection to open Google Drive, then my database with SyncPass and retrieve my bank password.
Then there’s the worst case scenario: both my laptop and iPhone are stolen. Before retreating to a dark closet and curling into the fetal position, I would request access to someone’s secure network (a friend, hotel staff, hotel guest, etc.). They would have to be kind enough to let me download the KeePassX program to their computer, which could be either OS X or Windows since KeePassX works on both operating systems. Alternatively, the SyncPass app could be downloaded to their iPhone (or similar app for Android) which, of course, I would pay for. Only then will I be able to open my database. The program or app could be removed immediately after. This situation would call for more extreme measures but I’m okay with that; I would just have to jump through more hoops. If anyone has a better answer, however, I’d love to hear it.
Like this post? Pin it to Pinterest:
KeePassX vs. LastPass
Before settling on KeePassX, I also tested LastPass, which is considered by many the market leader in online password management. It comes with a lot more bells and whistles, but I decided on KeePassX for three reasons:
- A LastPass account is free, but not if I want to sync my passwords with my mobile devices. I’d need a Premium membership for that, which is 12 USD/year. Pennies, I know, but keep reading. The following points are more important.
- LastPass is cloud-based and saves its customers’ passwords on its own server, which means brute-force attacks on the company itself may expose my account to hackers (although such a security breach is highly unlikely given the company is in the business of online data protection). With KeePassX, however, my passwords are stored in a local database on my laptop, but I can choose to move, copy or sync it to a cloud like Google Drive or DropBox to access it from my iPhone. This way, I’m not vulnerable to security threats made against KeePassX. The bottom line is I have a choice and more control. If I do use a cloud, I can remove my database from it at any time.
- KeePassX is an open-source platform, which means the integrity of its code can be scrutinized by anyone who wants to question or test its security. LastPass doesn’t offer such transparency. Instead, it uses proprietary encryption technology.
Notwithstanding the above, LastPass came a very close second so I do think it’s a solid option. (Read this article for a side-by-side comparison with KeePass.)
This is what long-term traveller, blogger and former IT professional Laurence Norah of Finding the Universe says about it:
“I use LastPass for all my password management needs across all my devices (Windows and Android) and can’t recommend it enough. I love that I only need to remember one password, that it auto-generates (and remembers!) secure passwords for every site I sign up for, and that it supports two factor authentication for even greater security. It also works offline.”
“I love 1Password for travel because it:
- Generates a unique password for every account I have and I just remember one to unlock all of them.
- Stores not just passwords, but all kinds of data including scanned passports and credit cards.
- Automatically enters your password when you get onto a website, and for new ones it creates a unique password instantly and stores it.
- Allows sharing with others without revealing the password. Instead, it sends an encrypted link.”
A Few Things to Remember
Keep in mind:
- To protect your repository of passwords, make your master password as strong as possible. It must not be forgotten. Write it on paper and place it in a safe or safety deposit box, if you have to. Think of it as the master key that, if lost, will lock you out of the vault. Forever. (There is no “Forgot your password?” option for most password managers.) In such an event, you would have to change the password for every website you’ve registered with.
- If you want to add a second layer of security, use two-step authentication which is now offered by many password managers. KeePassX doesn’t come with this feature (KeePass does with a plugin) but Google Drive and Dropbox do, so I can make use of it if I save my database to one of those clouds.
- Do not open your password vault from a cloud on an open network (in a cafe or even a hotel where you’re given an individual password for your room). Don’t have access to a secure network? This is when a Virtual Private Network (VPN) is important (see this post to learn more).
I know, wrapping your head around this can be tedious and painfully laborious, but finding the right password manager is worth frying your brain over for a few hours.
You can’t afford not to.
The last thing I am is a techie so any thoughts would be appreciated. Is KeePassX a password manager you would use? Or are you already using a different one? Is there a reason you wouldn’t use a password manager at all?
Disclosure: I have no affiliation with KeePassX, KeePass, LastPass or 1Password. I do, however, earn a tiny commission if you click on the SyncPass link and purchase the app through iTunes (at no cost to you). Your support in helping me maintain this blog is appreciated.