Printed 2017/08/19 09:37AM

Tool: KeePass Password Safe password manager/vault


Some time ago I was looking for a password vault and came across some recommendations for KeePass. KeePass is open source and free. It's a nice password manager and some of the features I like are:
A new version, 1.09, released in October. There is also a Portable Apps version which allows you to run it without installation. Therefore, you can stick on a USB drive and take it with you. I've also run it as a straight executable from a shared network drive.

Looking at it from a shared location, KeePass can be used by an organization to store sensitive logins, such as the root password for MySQL, the sa account password, the usernames and passwords for the SQL Server service accounts, etc. In fact, in version 1.09, if the password database is opened by another user, it's smart enough to tell the next person opening it the situation and asking if that user wants to open the database in read-only or normal mode. One way to handle this is to distribute the key file to all admins and as long as they have that, they can unlock the password database. If someone leaves the organization who had access to the password database, generate a new key and re-distribute it, and you're back in business, even if they copied the key file. Granted, the fact that the password entries stored within will have to be addressed, but this is a problem regardless of your password vault solution (or lack thereof).

Technorati Tags: | | | | SQL Server Security |

Copyright © 2002-2017 Redgate. All Rights Reserved. Privacy Policy. Terms of Use. Report Abuse.