- Strong encryption of the password database
- The ability to use a password, key file, or the combination of the two to secure access to said password database
- A password generator with a multitude of options
- The ability to copy the password to the clipboard (without ever showing it) and have it clear the password after a set amount of time
- Organize password entries by groups and subgroups (think folders)
Looking at it from a shared location, KeePass can be used by an organization to store sensitive logins, such as the root password for MySQL, the sa account password, the usernames and passwords for the SQL Server service accounts, etc. In fact, in version 1.09, if the password database is already open by another user, it's smart enough to tell the next person opening it what the situation is and ask whether that user wants to open the database in read-only or normal mode. One way to handle shared access is to distribute the key file to all admins; as long as they have it, they can unlock the password database. If someone who had access to the password database leaves the organization, generate a new key and redistribute it, and you're back in business, even if they copied the key file. Granted, the password entries stored within will still have to be addressed, but this is a problem regardless of your password vault solution (or lack thereof).
Posted by Freddy Andersen on 31 October 2007
This is the reason I stopped using PINS.