
Keep Your Domain Information, Passwords, Program Set-ups and Registration Keys, Credit Card Information and Family Records (Insurance Policy Numbers, Bank Account Information, Lawyer Information) and General Information In A Password Encrypted Database That Doesn’t Break and Will Fit on a Thumb Drive.  It is Totally Portable and Secure!

Over time, you’ll accumulate a number of user name and password combinations from participating in forums, maintaining email accounts, signing up for newsletters and installing software. 

I’ve always had a difficult time keeping urls, user names and passwords straight. I’ve used MS Excel spreadsheets, an Access database, the "notes" feature in Outlook and even plain text files to keep track of email accounts, usernames and passwords.  I know I’ve lost hundreds of hours trying to recover or restore that information after a hard disk crash or virus attack! 

Excel spreadsheets can provide some level of security, as you can password protect a spreadsheet, which will prevent someone from viewing your password information.  This will at least slow down a thief should your laptop be stolen.  Note I said "slow down" because the thief could hand the laptop to his buddy who has a password extraction program and voilà, your spreadsheet is now viewable (along with all your accounts, usernames and passwords).

Keepass totally eliminates that problem and provides a number of features that make using it a pleasure.


First, and most important, Keepass encrypts the ENTIRE database.  The encryption is so strong that the designers doubt that it could be cracked, even by a seasoned cryptologist.

Second, Keepass is portable.  This may not sound like a big deal, but consider the following.  The program and database are small enough to run from a USB drive.  There’s NO installation program, no tinkering with the registry and no setup requirements!  This makes two issues easy to deal with.  First, backups are a snap.  Second, you can move the entire program from one machine to another by simply copying it to a USB drive and plugging that drive into a new computer.

Third, and my reason for promoting Keepass, it DOES NOT break!  I’ve had problems with corrupted spreadsheets and Outlook data files, but I never, ever had a problem with Keepass.

Fourth, it will transfer your username and password to the Windows clipboard so that you can copy the information into a web browser text box.   For example, to log into a forum, load the forum in your web browser.  Start up Keepass and go to the entry for that forum.  Double click on your username and that information is transferred to the clipboard.  Switch to the browser and either right-click and select paste or press control+V.  After a few seconds Keepass automatically clears the Windows clipboard so that malware cannot copy the information!

Fifth, Keepass tracks expiration dates and provides reminders when things like domain names, insurance policies or membership periods are about to expire.

Sixth, you have the option of having Keepass available from the System Tray.  This way it can act as a pop-up when you browse the web.  Very convenient indeed.

Keepass has a whole raft of other features (listed below) but these are my top six favorites. 

Reasons you need to check out Keepass

Strong Security

  • KeePass supports the Advanced Encryption Standard (AES, Rijndael) and the Twofish algorithms to encrypt its password databases.
  • Both of these ciphers are regarded as very secure by the cryptography community. Banks are using these algorithms for example, too.
  • Even if you would use all computers in the world to attack one database, decrypting it would take longer than the age of the universe.
  • Even quantum computers won’t help that much. The algorithms are symmetric so its complexity would be reduced a bit, anyway, the sun will go nova before you have decrypted the database.
  • The complete database is encrypted, not only the password fields. So your usernames, notes, etc. are protected, too.
  • SHA-256 is used as password hash. SHA-256 is a 256-bit cryptographically secure one-way hash function. Your master password is hashed using this algorithm and its output is used as key for the encryption algorithms.
  • In contrast to many other hashing algorithms, no attacks are known yet against SHA-256.
  • Protection against dictionary and guessing attacks: by transforming the final master key very often, dictionary and guessing attacks can be made harder.
  • In-Memory Passwords Protection: Your passwords are encrypted while KeePass is running, so even if Windows caches the KeePass process to disk, this wouldn’t reveal your passwords anyway.
  • [2.x] Protected In-Memory Streams: When loading the inner XML format, passwords are encrypted using a session key.
  • Security-Enhanced Password Edit Controls: KeePass is the first password manager that features security-enhanced password edit controls. None of the available password edit control spies work against these controls. The passwords entered in those controls aren’t even visible in the process memory of KeePass.
  • Also see the security information page.

Multiple User Keys

  • One master password decrypts the complete database.
  • Alternatively you can use key files. Key files provide better security than master passwords in most cases. You only have to carry the key file with you, for example on a floppy disk, USB stick, or you can burn it onto a CD. Of course, you shouldn’t lose this disk then.
  • For even more security you can combine the above two methods: the database then requires the key file and the password in order to be unlocked. Even if you lose your key file, the database would remain secure.
  • [2.x] Additionally, you can lock the database to the current Windows user account. The database can then only be opened by the same person who created it.
  • Also see keys information page.
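
The key handling described in the two lists above (SHA-256 of the master password, an optional key file combined with it, and a repeated transformation to slow down guessing), as an added example that is not KeePass's code or part of the original post. The hash-then-concatenate composite construction, the iterated SHA-256 used as a stand-in for the key transformation, and all sample values are assumptions of this example.

```python
import hashlib
import hmac

def composite_key(password=None, keyfile=None):
    """Hash each supplied key source, then hash the concatenation."""
    parts = []
    if password is not None:
        parts.append(hashlib.sha256(password.encode("utf-8")).digest())
    if keyfile is not None:
        parts.append(hashlib.sha256(keyfile).digest())
    if not parts:
        raise ValueError("need a password, a key file, or both")
    return hashlib.sha256(b"".join(parts)).digest()

def transform_key(key, seed, rounds):
    """Key stretching: every guess costs `rounds` extra hash calls.
    Iterated SHA-256 is an assumed stand-in for the real transformation."""
    for _ in range(rounds):
        key = hashlib.sha256(seed + key).digest()
    return key

def master_key(password, keyfile, seed, rounds):
    """Derive the final 32-byte key from the key sources and the seed."""
    return transform_key(composite_key(password, keyfile), seed, rounds)

def unlocks(stored_key, password, keyfile, seed, rounds):
    """True only if every key source used at creation time is presented."""
    candidate = master_key(password, keyfile, seed, rounds)
    return hmac.compare_digest(candidate, stored_key)

# Constructed sample values (not taken from any real database).
SEED = bytes(range(32))
KEYFILE = b"constructed key file contents"
ROUNDS = 6000
STORED = master_key("correct horse", KEYFILE, SEED, ROUNDS)

if __name__ == "__main__":
    print("password + key file:", unlocks(STORED, "correct horse", KEYFILE, SEED, ROUNDS))
    print("password only      :", unlocks(STORED, "correct horse", None, SEED, ROUNDS))
    print("key file only      :", unlocks(STORED, None, KEYFILE, SEED, ROUNDS))
```

A lost key file on its own does not open the database, which is the point of combining both sources; raising the round count raises the cost of every password guess by the same factor.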

Portable and No Installation Required

  • KeePass is portable: it can be carried on a USB stick and runs on Windows systems without being installed.
  • Installer packages are available, too, for the ones who like to have shortcuts in their Windows start menu and on the desktop.
  • KeePass doesn’t store anything on your system. The program doesn’t create any new registry keys and it doesn’t create any initialization files (INI) in your Windows directory. Deleting the KeePass directory (in case you downloaded the binary ZIP package) or using the uninstaller (in case you downloaded the installer package) leaves no trace of KeePass on your system.
  • [1.x] KeePass runs, without downloading any additional libraries, on Windows 98, 98SE, ME, NT, 2000, XP (Home & Pro, 32-bit & 64-bit), 2003 and Vista. No .NET framework is required.
  • [2.x] KeePass requires the Microsoft .NET Framework (which can be downloaded for free at Microsoft’s website). Windows Vista already includes this framework; for Windows 98 / ME / 2000 / XP you need to install it, if it’s not installed already.
  • Ports for other systems like Linux, MacOSX, PocketPC, Smartphone, etc. are available! See the downloads page.

Export To TXT, HTML, XML and CSV Files

  • The password list can be exported to various formats like TXT, HTML, XML and CSV.
  • The XML output can be easily used in other applications.
  • The HTML output uses cascading style sheets (CSS) to format the table, so you can easily change the layout.
  • The CSV output is fully compatible with most other password safes like the commercial closed-source Password Keeper and the closed-source Password Agent; the CSVs can also be imported by spreadsheet applications like Microsoft’s Excel or OpenOffice’s Calc.
  • Many other file formats are supported through KeePass plugins.

Import From Many File Formats

  • KeePass uses the common CSV export format of various passwords safes like Password Keeper and Password Agent. Exports from these programs can be easily imported to your KeePass databases.
  • KeePass can parse and import TXT outputs of CodeWalletPro, a commercial closed-source password safe.
  • KeePass can import TXT files created by Bruce Schneier’s Password Safe v2.
  • [2.x] Out of the box, KeePass supports importing more than 20 formats (see Help: Import).
  • Many other file formats are supported through KeePass plugins.

Easy Database Transfer

  • A password database consists of only one file that can be transferred from one computer to another easily.

Intuitive and Secure Windows Clipboard Handling

  • Just double-click on any field of the password list to copy its value to the Windows clipboard.
  • Timed clipboard clearing: KeePass can clear the clipboard automatically some time after you’ve copied one of your passwords into it.
  • [1.x] Protection against clipboard monitors (other applications won’t get notifications that the clipboard content has been changed).
  • [1.x] Paste-once functionality: allow only one paste operation, after pasting the clipboard is cleared automatically by KeePass.

Searching and Sorting

  • You can search for specific entries in the databases.
  • To sort a password group, just click on one of the column headers in the password list, you can sort by any column.

Multi-Language Support

  • KeePass can be translated into other languages very easily.
  • Over 30 different languages are available!
  • See the translations page.

Strong Random Password Generator

  • KeePass can generate strong random passwords for you.
  • You can define the possible output characters of the generator (number of characters and type).
  • Random seeding through user input: mouse movement and random keyboard input.

Open-Source!

  • KeePass is free and you have full access to its source code!
  • Open-Source prevents backdoors. You can have a look at its source code and compile it yourself.
  • You can yourself check if the security is implemented correctly, you can, if you want, use any other encryption algorithm.
  • Opening the sources also encourages other people to port the application to other systems (PocketPC version already in development) or write translations.
  • KeePass is OSI Certified Open Source Software. OSI Certified is a certification mark of the Open Source Initiative.

Download KeePass Password Safe

If you haven’t given HexaTrack a spin, it’s worth your time to take a good look at what they offer. They have a limited free version and upgrades to paid versions ($97 buy-in+$47/mo.) The major advantage of using HexaTrack is that it can track PPC clicks and keywords right to your landing page. It will also show competitor activity and will show up click fraud where the same site keeps hitting one of your ads.

You can get more information at HexaTrack.com.

Here’s a video that covers ad tracking.

From Neil’s Blog:

[snip]………………………………………….

New Version Of Real Link Finder Is Ready!

February 26th, 2008

Just when you thought it couldn’t get any better! ;-)

With 7,000+ downloads in just over two weeks since launch we got a lot of feedback including almost 300 blog comments at the blog post where I announced the giveaway! We’ve listened closely to that feedback and improved the Real Link Finder and guess what…?

… even the new, improved version is FREE! :-)

[snip] ………………………………………

Note that it’s still free!

Granted, there are a lot of PC security web sites, and companies are falling all over themselves to entice you to buy their latest protection program. However, the guy running AuditMyPC.com is someone who puts their best foot forward and offers free tools to assess your security weak spots — with no strings attached. There’s information about why you should be concerned about “security” and then there’s a support forum where you can ask additional questions and actually get answers.

In fact, here’s a sample of the specific kind of help available on their forum.

===== From Their Forum/Helpdesk ========================

Question: “How do I keep my browser from showing up in my AWStats for my web site?”

The user had few visitors and felt that his activity managing and upgrading his site was skewing his numbers. (I confess, I have a few sites with the same issue! I spend more time on them than all of my visitors put together.)

Answer: (This may look a little jumbled because it’s only part of the answer from their forum. The rest of the thread is at http://www.websecurity.mobi/computer-help/90-awstats-do-no-record-my-pc.html.)

Use the AWStats.conf file to block a specific IP address or browser identified by the “useragent” tag.

To change the useragent in Firefox, do the following:

1- visit http://www.auditmypc.com/anonymous-surfing.asp and record the user agent.

2- To change the User Agent in Firefox, simply type ‘about:config’ (without quotes) into the address bar of Firefox (like you would any website address).

In the window that appears, right click on the white space and select NEW, STRING

Enter the preference name ‘general.useragent.override’, without quotes.

Next, enter the new User Agent you would like to be, you could make it anything, say:
Mozilla/5.0r

Now, revisit http://www.auditmypc.com/anonymous-surfing.asp and look at the user agent and you should notice the change.

Now, in AWStats, simply set the SkipUserAgents="" to
SkipUserAgents="Mozilla/5.0r"

===================================================================
I added the line: SkipUserAgents="Mozilla/5.0cr" to the line directly below ' SkipHost="" ' at line 259 in home/tmp/~domainname~/awstats.conf
===================================================================

Now, whenever you visit your site, your activity will be recorded, but NOT factored into the statistics, such as visitors, hits, pages, etc. This is because there is no other Mozilla/5.0r (r for roger) except your browser and we are excluding that user agent.

If you are using my Webmaster Tool, you can also enter Mozilla/5.0r (or whatever you’re using as an agent) into the user agent setting located on the Settings Tab and prevent the tool’s activity from being factored into stats as well.
==================== End of Forum/Helpdesk Excerpt =========================
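
The effect of the SkipUserAgents setting from the excerpt above, shown on a constructed access log. This is an added example, not AWStats code or part of the forum thread; it assumes Combined Log Format and an exact, case-insensitive match on the whole User-Agent string, and every log line and address in it is made up.

```python
import re

# Combined Log Format:
# host ident user [time] "request" status bytes "referer" "user-agent"
LINE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"$'
)

def summarize(lines, skip_agents):
    """Count hits and unique hosts, leaving out requests whose
    User-Agent equals one of skip_agents (case-insensitive)."""
    skip = {a.lower() for a in skip_agents}
    hits, hosts, skipped, unparsed = 0, set(), 0, 0
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            unparsed += 1          # malformed line: report it, do not guess
            continue
        if m["agent"].lower() in skip:
            skipped += 1           # still in the raw log, just not counted
            continue
        hits += 1
        hosts.add(m["host"])
    return {"hits": hits, "visitors": len(hosts),
            "skipped": skipped, "unparsed": unparsed}

# Constructed sample log (documentation-range addresses).
T = '[26/Feb/2008:10:00:00 +0000]'
FIREFOX = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) Firefox/2.0'
SAMPLE = [
    f'192.0.2.10 - - {T} "GET /admin HTTP/1.1" 200 512 "-" "Mozilla/5.0r"',
    f'192.0.2.10 - - {T} "GET / HTTP/1.1" 200 2048 "-" "Mozilla/5.0r"',
    f'198.51.100.7 - - {T} "GET / HTTP/1.1" 200 2048 "-" "{FIREFOX}"',
    f'198.51.100.7 - - {T} "GET /about HTTP/1.1" 200 900 "-" "{FIREFOX}"',
    # A different client sending the same string is skipped as well.
    f'203.0.113.44 - - {T} "GET / HTTP/1.1" 200 2048 "-" "Mozilla/5.0r"',
    'truncated or corrupted line',
]

if __name__ == "__main__":
    print("no skip list :", summarize(SAMPLE, []))
    print("skip owner UA:", summarize(SAMPLE, ["Mozilla/5.0r"]))
```

The User-Agent header is chosen by the client, so the skip list only tidies up statistics: any request carrying the same string drops out of the counts too, while the raw access log still records it.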

Here’s a couple of paragraphs from their “About Page:”

Welcome! AuditMyPC.com is a vulnerability assessment, privacy test, research and security information site. This site was designed to promote security awareness - free of charge!

I originally started this site in October of 2000 and moved it to AuditMyPC.com shortly after. The site was created because I desired a greater understanding of security and in-depth web based programming. I was also motivated by the lack of similar sites and the need to perform remote security scans without limitations, fees or long registration requirements.

The site was designed to be aesthetically pleasing and allow fast and easy navigation. The last thing a user new to security needs is a complicated site littered with hard to read material and nested pages. The information this site provides about your system is available to any site. The purpose here is not to scare, it’s to make you aware.

Personally, I think this is the kind of web site people should use as a model. Yes, they monetize their site using Adsense and a few banners, but there’s more information than advertising. And no, I don’t have a relationship with the web site or its owner. I just think it’s a great web site — low on hype and heavy on resources and help. (Just my two cents worth.)