Security - Password safe tools

There are some tools that I utilized during these years for saving password purposes.

Here is a brief description:


Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem... A serious problem. The thief would have access to your e-mail account, website, etc. Unimaginable.

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information, see the features page.

Password Safe

Password Safe allows you to manage your old passwords and to easily and quickly generate, store, organize, retrieve, and use complex new passwords, using password policies that you control. Once stored, your user names and passwords are just a few clicks away.
Using Password Safe you can organize your passwords using your own customizable references—for example, by user ID, category, web site, or location. You can choose to store all your passwords in a single encrypted master password list (an encrypted password database), or use multiple databases to further organize your passwords (work and home, for example). And with its intuitive interface you will be up and running in minutes.

  • Open Source - Most important, you don't have to take our word for it. You can download the source code and inspect it yourself, or have someone else check it for you. If you're really concerned, you can build the program from the sources you've downloaded and reviewed, instead of the binary files we build for each release.
  • For the files we provide, you can check that they're the ones that we've uploaded, and not tampered with, by checking the GPG cryptographic signature that's generate for each file.
  • Designed by Bruce Schneier - the original version was designed by renowned security expert Bruce Schneier, and we have his permission to say so.
  • No back door / recovery mechanism - there's no way for users (or developers, for that matter) to access the passwords without the master key.
  • Hard to brute-force - In the absence of back doors, an attacker can try a brute-force attack, e.g., using a dictionary. Password Safe has safeguards in place to make this as hard as possible.
  • The master passphrase is never stored the clear. We store something that derived from the master passphrase, but hard to calculate. When you enter your passphrase, we duplicate the calculation and compare the results. Only if the comparison succeeds do we continue to derive the encryption key from your master passphrase.
  • Sensitive memory is kept from swapping to disk.
  • All user data is encrypted in memory.
  • Memory with sensitive data is wiped as soon as possible.
  • File integrity checks: Even if the file's encrypted, it's not necessarily protected against unauthorized modification. Password Safe implements integrity checks on the file so that an attacker cannot modify it without knowing the master passphrase.
  • Reliability: Backups of previous databases are kept by default. The user can configure how many backups to keep and where to keep them.
  • For more details, feel free to contact the authors.

Youtube presentation: