Safely storing passwords ... synced and available on multiple computers?

Toggle sidebar Toggle sidebar
Carson Dyle

Carson Dyle

Diamond Member
Jul 2, 2012
8,173
524
126
What is a good, secure approach to storing passwords so that they would be available from multiple computers? Work, home, my laptop, etc. They would need to be synced on all systems when a change is made.
 
Chiefcrowe

Chiefcrowe

Diamond Member
Sep 15, 2008
5,053
196
116
You can also use a portable version of keepass and store it on a cloud location accessible to all of the computers.
 
lxskllr

lxskllr

No Lifer
Nov 30, 2004
59,137
9,580
126
Chiefcrowe said:
You can also use a portable version of keepass and store it on a cloud location accessible to all of the computers.
Click to expand...

This is what I do. I keep a whole KeePass portable folder synced to SpiderOak, and use the database with KeePassX on Debian.
 
Carson Dyle

Carson Dyle

Diamond Member
Jul 2, 2012
8,173
524
126
Questions about lastpass.com:

I gather this is an application that runs on each computer accessing the password database and that it closely integrates with browsers to auto-fill password forms. Is it possible to view the plain text version of any password? Is it possible to view/save a master list of all passwords in plain text?
 
Carson Dyle

Carson Dyle

Diamond Member
Jul 2, 2012
8,173
524
126
Questions about using KeePass:

Do you store both the application and the database in the cloud, or only the database? How does it differ from LastPass?
 
lxskllr

lxskllr

No Lifer
Nov 30, 2004
59,137
9,580
126
Carson Dyle said:
Questions about using KeePass:

Do you store both the application and the database in the cloud, or only the database? How does it differ from LastPass?
Click to expand...

Never used Lastpass, but for storage, you can do either depending on the exact version you're using. I find it convenient to store the whole portable application in the cloud. That way I can get the database, and have something to open it with in one shot, and without installation. KeePassX uses the same database, so I have that installed on my primary box, and it uses the database from my SpiderOak folder. KeePassDroid also uses the same database, and I have that on my Android tablet.

All my experience is with the 1.x version, which still has active development. 2.x has more features, but also has more dependencies which is why I haven't used it. I don't know how interchangeable 1.x and 2.x databases are.
 
Carson Dyle

Carson Dyle

Diamond Member
Jul 2, 2012
8,173
524
126
Thanks.

A little OT, but I understand SpiderOak encrypts everything that is stored on their servers. I have a Dropbox account. Does anyone know if Dropbox also encrypts files it stores in the cloud, or do they only encrypt the communication between the app running on your computer and their servers?

I realize this doesn't make any difference with KeePass, as the password database itself would obviously be encrypted. I was just wondering about the inner workings of Dropbox.
 
Last edited:
lxskllr

lxskllr

No Lifer
Nov 30, 2004
59,137
9,580
126
Dropbox stores the files encrypted, but they have the keys. That means they can(and do) open the files, or be forced to open the files. SpiderOak doesn't hold the encryption keys, so the only way to decrypt them is directly through you.
 
Carson Dyle

Carson Dyle

Diamond Member
Jul 2, 2012
8,173
524
126
KeePass set up like this would work offline, correct? I assume SpiderOak works the same as Dropbox and keeps copies of all files stored both locally on the computer(s) as well as within their cloud storage.
 
lxskllr

lxskllr

No Lifer
Nov 30, 2004
59,137
9,580
126
Carson Dyle said:
KeePass set up like this would work offline, correct? I assume SpiderOak works the same as Dropbox and keeps copies of all files stored both locally on the computer(s) as well as within their cloud storage.
Click to expand...

Correct. KeePass doesn't have an online component unless you set one up yourself. That could be considered a deficiency when compared to other solutions, but I don't trust companies to properly care for something like a password safe. I prefer to use libre software that's controlled by me. I can then use any service, or no service to keep it synced online, and I'll always have my passwords under my control.
 
F

FoxFifth

Member
Feb 16, 2010
139
0
0
Carson Dyle said:
Questions about lastpass.com:

I gather this is an application that runs on each computer accessing the password database and that it closely integrates with browsers to auto-fill password forms. Is it possible to view the plain text version of any password? Is it possible to view/save a master list of all passwords in plain text?
Click to expand...

You can view the plain text version of a password (as long as you are logged in) and you can export or print a master list.
 
corkyg

corkyg

Elite Member | Peripherals
Super Moderator
Mar 4, 2000
27,370
239
106
I do that with Roboform To Go. It puts the encrypted file on a Thumb Drive, and you can use it ony computer.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom