Integrating your browser and password manager without a third-party service

Topics: 

Services like LastPass are extremely popular for automatically entering credentials (username and password combinations) for logging into Web sites. They also generate passwords as needed and store them. They're not without their problems, however.

The two major issue with these types of services are the following:

  • It's necessary to rely on a third-party service.
    • If the site goes down temporarily, goes out of business, or significantly increases their fees (and you don't have a local copy of your data), you'll really be in trouble.
  • You have to trust the service with your confidential information.

The solution is to stick with open-source tools so that you don't have to worry about these issues. Here's a recipe that works quite well:

If you'd like to synchronize your database across devices, you'll need a service to do that, but you won't have to trust it to the same degree because your passwords are already encrypted. I recommend SpiderOak for this as they client-side encrypt everything (for an extra layer of protection), or at least they claim to - see my comments above! At the time of this writing, the commonly-used Dropbox definitely doesn't do this.

Mobile and other clients for KeePass are listed on the KeePass Downloads page.

Add new comment