The Complete Magazine on Open Source

A Peek into the Top Password Managers

SHARE
/ 313 1

Password Manager

We use passwords to ensure security and the confidentiality of our data. One of the biggest modern day crimes is identity theft, which is easily accomplished when passwords are compromised. The need of the hour is good password management. If you have considered using a password manager and haven’t decided on one, this article features the top five.

Have you ever thought of an alternative to remembering your passwords and not repeatedly entering your login credentials? Password managers are one of the best ways to store, back up and manage your passwords. A good password is hard to remember and that’s where a password manager comes in handy. It encrypts all the different passwords that are saved with a master password, the only one you have to remember.

What is a password manager?
A password manager is software that helps a user to manage passwords and important information so that it can be accessed any time and anywhere. An excellent password manager helps to store information securely without compromising safety. All the passwords are saved using some kind of encryption so that they become difficult for others to exploit.

Why you should use it
If you find it hard to remember passwords for every website and don’t want to go through the ‘Forgot password?’ routine off and on, then a password manager is what you are looking for. These are designed to store all kinds of critical login information related to different websites.

How does it work?
Password managers may be stored online or locally. Online password managers store information in an online cloud, which can be accessed any time from anywhere. Local password managers store information on the local server, which makes them less accessible. Both have their own advantages, and the manager you use would depend on your need.

Online password managers use browser extensions that keep data in a local profile, syncing with a cloud server. Some other password managers use removable media to save the password so that you can carry it with you and don’t have to worry about online issues. Both these options can also be combined and used as two-factor authentication so that data is even more secure.

The passwords are saved using different encryptions based on the services that the companies provide. The best password managers use a 256-bit (or more) encryption protocol for better security, which has been accepted by the US National Security Agency for top secret information handling.

Top five password managers  
KeePassX
KeePassX is an open source, cross-platform and light weight password management application published under the terms of the GNU General Public License. It was built based on the Qt Libraries. KeePassX stores information about user names, passwords and other login information in a secure database.
KeePassX uses its own random password generator, which makes it easier to create strong passwords for better security. It also includes a powerful and quick search tool with which a keyword of a website can be used to find login credentials that have been stored in the database. It allows users to customise groups, making it more user friendly. KeePassX is not limited to storing only usernames and passwords but also free-form notes and any kind of confidential text files.
Features

  • Simple user interface: The left pane tree structure makes it easy to distinguish between different groups and entries, while the right pane shows more detailed information.
  • Portable media access: Its portability makes it easy to use since there’s no need to install it on every computer.
  • Search function: Searches in the complete database or in every group.
  • Auto fill: There’s no need to type in the login credentials; the application does it whenever the Web page is loaded. This keeps it secure from key loggers.
  • Password generator: This feature helps to generate strong passwords that make it difficult for dictionary attacks. It can be customised.
  • Two factor authentication: It enables the user to either unlock the database by a master password or by a key from a removable drive.
  • Adds attachments: Any type of confidential document can be added to the database as an attachment, which allows users to secure not just passwords.
  • Cross-platform support: It works on all supported platforms. KeePassX is an open source application, so its source code can be compiled and used for any operating system.

Figure 1 KeePassX

  • Security: The password database is encrypted with either the AES encryption or the Twofish algorithm, which uses 256-bit key encryption.
  • Expiration date: The entries can be expired, based on a user defined date.
  • Import and export of entries: Entries: from PwManager or Kwallet can be imported, and entries can be exported as text files.
  • Multi-language support: It supports 15 languages.

Clipperz
Clipperz is a Web-based, open source password manager built to store login information securely. Data can be accessed from anywhere and from any device without any installation. Clipperz also includes an offline version when an Internet connection is not available.
Features  

  • Direct login: Automatically logs in to any website without typing login credentials, with just one click.
  • Offline data: With one click, an encrypted local copy of the data can be created as a HTML page.
  • No installation: Since it’s a Web-based application, it doesn’t require any installation and can be accessed from any compatible browser.
Figure 2 Clipperz

Figure 2 Clipperz

 

Figure 3 Password Gorilla

Figure 3 Password Gorilla

 

  • Data import: Login data can be imported from different supported password managers.
  • Security: The database is encrypted using JavaScript code on the browser and then sent to the website. It requires a passphrase to decrypt the database without which data cannot be accessed.
  • Support: Works on any operating system with a major browser that has JavaScript enabled.

Password Gorilla
Password Gorilla is an open source, cross-platform, simple password manager and personal vault that can store login information and notes. Password Gorilla is a Tcl/Tk application that runs on Linux, Windows and Mac OS X. Login information is stored in the database, which can be accessed only using a master password. The passwords are SHA256 protected and the database is encrypted using the Twofish algorithm. The key stretching feature makes it difficult for brute force attacks.
Features

  • Portable: Designed to run on a compatible computer without being installed.
  • Import of database: Can import the password database saved in the CSV format.
  • Locks the database when idle: It automatically locks the database when the computer is idle for a specific period of time.
Figure 4 Gpassword manager

Figure 4 Gpassword manager

  • Security: It uses the Twofish algorithm to encrypt the database.
  • Can copy credentials: Keyboard shortcuts can be used to copy login credentials to the clipboard.
  • Auto clear: This feature clears the clipboard after a specified time.
  • Organises groups: Groups and sub-groups can be created to organise passwords for different websites.

Gpassword Manager
Gpassword Manager is a simple, lightweight and cross-platform utility for managing and accessing passwords. It is published under the terms of the Apache License. It allows users to securely store passwords/URLs in the database. The added entries can be marked as favourites, which then can be accessed by right-clicking the system tray icon. The passwords and other login information shown in the screen can be kept hidden based on user preferences.
Features

  • Access to favourite sites: A list of favourite Web pages can be accessed quickly from the convenient ‘tray’ icon.
  • Quick fill: Passwords and other information can be clicked and dragged onto forms for quick filling out.
  • Search bar: The quick search bar allows users to search passwords that are needed.
Table 1 Top five password managers-a comparison

Table 1 Top five password managers-a comparison

  • Password generator: Passwords with user-defined options can be generated with just a click.
  • Quick launch: Favourite websites can be launched by right-clicking the tray icon.

 

Figure 5  Password Safe

Figure 5 Password Safe

Password Safe
Password Safe is a simple and free open source application initiated by Bruce Schneier and released in 2002. Now Password Safe is hosted on SourceForge and developed by a group of volunteers. It’s well known for its ease of use. It is possible to organise passwords based on user preference, which makes it easy for the user to remember. The whole database backup and a recovery option are available for ease of use. Passwords are kept hidden, making it difficult for shoulder surfing. Password Safe is licensed under the Artistic licence.

Features

  • Ease of use: The GUI is very simple, enabling even a beginner to use it.
  • Multiple databases: It supports multiple databases. And different databases can be created for each category.
  • Safe decryption: The decryption of the password database is done in the RAM, which leaves no trace of the login details in the hard drive.
  • Password generator: Supports the generation of strong, lengthy passwords.
  • Advanced search: The advanced search function allows users to search within the different fields.
  • Security: Uses the Twofish algorithm to encrypt the database.

 

 

  • Roopak

    Good topic and really impressive way of describing the topic. All the best