Small database program that is specifically designed to store and manage user accounts and passwords.
It is free, “open source”; not supported by a large company, maintained by volunteers / communities of developers
Versions exist for multiple platforms.
Demo of key features: Materials: Sample database running “Portable Apps”
Password entries organized by “Groups”
Main features of a record: Descriptive title Username URL: Web site associated with the account Password “Quality” of the password” -Bar indicates quality - harder passwords have a larger bar “Comments” Allow you to write additional information regarding the account “Attachment” Word docs, PDF’s...relevant information
Using the database to enter usernames and passwords into a Web page Using the database to enter passwords Simple method to enter passwords Button, “Copy Username to Clipboard” Button “Copy password toclipboard”
Creating a new Record: Choose a group, choose an icon Password generation -Get to define complexity of the password -Often determined by the service that you want to sign on to -Can assist you in generating secure passwords
Sorting Records -”View” > “Auto Sort password list”
Searching Records -Search by title, content
-Withkeypass on multiple computers, carry a “keyfile” on an external hard drive
-MyFiles : connect to MyFiles share using “Xythos Drive” or through Mac OSX finder
-”Dropbox”: Sync between multiple computers, may also work to sync with blackberry, iphone, etc.
-”Portable Apps” (DEMO): run the program carry data on a USB drive; works with Windows (e.g. Smart Classroom) computers
Challenges and Solutions
Jim Behnke and Jose DeLeon
…when does too many passwords
become a hindrance to instructors?
Photos of family / friends?
Research / doctoral thesis?
Confidential survey data?
Given that user names and passwords are
Why do people use weak passwords, or no
passwords at all, by preference?
Too many passwords
May prevent or discourage use of technology
Difficult to track and organize efficiently
Differing password complexity requirements
Open-source password management database
Database for secure
storage of user
Stores data needed to accessWeb-based
Tools for securely generating and evaluating
Makes using passwords convenient
Encrypted data files
What happens if someone steals your database
Wikipedia definition: “encryption”
“In cryptography, encryption is the process of
transforming information (referred to as
plaintext) using an algorithm (called cipher) to
make it unreadable to anyone except those
possessing special knowledge, usually
referred to as a key.”
Problem: How do I carry my
password database from
device to device?
USB Flash Drives (for data files)
MyFilesw/ “Xythos Drive” or OSX
“DropBox” (www.dropbox.com) or
similar “data synchronization” service
“Portable apps” (DEMO)
(http://portableapps.com/) or similar
KeyPass Pros KeyPass Cons
•Relatively easy to use
•Cross-platform inc. mobile
•Widespread use, many
•e.g. synchronize databases
between computers, automatically
enter information instead of copying
•Currently, requires additional
effort / knowhow to make it
•”Plugins” must be sought
out, installed, and toyed with
IE, Chrome, Safari, Firefox
Iphone, BlackBerry, Windows Phone, Symbian, Android
USB Flash Drive
SSL encryption on all traffic to Last Pass servers
Database encrypted/decrypted at the client side with 256-bit
AES before transmission to servers
Master password stored on servers as a hash.