With the hundreds of usernames and passwords every typical Internet user has to remember, it is necessary to use a password manager. A typical password manager is an application with a secure database that stores and retrieves hundreds of usernames and passwords with one key “Password”. Most of these tools implement strong security measures to protect the stored passwords from both in-memory and on-disk attacks.
I initially used Password Safe, then moved to Password Minder by Pluralsight’s Keith Brown, which we extended in Vishwak. Password Minder was not managed by a community and we also didn’t want to commit resources to keep the project alive – 3 years back, Password Minder filled a vacancy neatly. As a result, the application has bugs that need to be fixed in our extension, and poor Windows Vista compatibility. In open source, you now have lots of password managers that have more features, work across platforms, and offer better security – most importantly, they have vibrant communities behind them that keep the projects updated regularly.
I weighed the choice between committing resources to fix Password Minder and moving to a new application. In the end, I decided to move. After evaluating many products, I have ended my search with KeePass. This is a perfect password manager that offers state-of-the-art security, works on multiple platforms (Windows, Windows Mobile, Linux, MacOS, J2ME, PalmOS) and is very easy to use.
I still run Password Minder, but every time I need to access a site that is in Password Minder, I first recreate it in KeePass and delete it in Password Minder. This way I hope to fully move to KeePass in a few weeks.
Update 2021: I have moved to a fork of KeePass called KeePassX, which is faster and more active, yet is compatible with the KDBX database file of the original KeePass.