Recently, I joined a new project. As always when this happens, I got a ton of new credentials for websites, platforms and so on. This flood can easily be managed using password managers like KeePass. However, one of my new colleagues showed me some cool features I didn’t know before. This article is a short review of those features.
URL + Double-Click in List-View
Each entry in KeePass has a URL attribute. Previously, I thought this is only a reminder for which website the credentials are. However when viewing the list view, a double-click in the “URL”-column opens a browser and navigates to the website.
The next step after having navigated to a login-form, either via manual browsing or via URL-column (see above), is to fill out the web form with the credentials. This is very easy by just typing Ctrl + Alt + A. The default behavior of KeePass for this feature can be seen in the detail-view of an entry in the Auto-Type section: The pattern
shows the automatically pressed buttons for this action. These can be edited to form complex interaction on the website.
On some websites, auto-type doesn’t work. A solution is to open the website via KeePass or manually, switching back to KeePass and pressing Ctrl + V on the corresponding entry. This enters the credentials into the web form in the browser.
Executing Command Lines & Field References
Additionally to web-URIs, the URL attribute of an entry can also contain commands like the following:
In this example, a command is executed (see URL field capabilities) to start the cloudfoundry command line interface to log in to the company-cloud. The password is referenced using field references and is actually stored in another KeePass entry. Passwords that are used for multiple logins can be managed by only one entry without the need for duplication.
There is a portable version available which means that KeePass can be used without prior installation on a computer. Simply copy the portable version to a USB stick and plug this stick in every computer where you need your passwords. Because the password safe can only be decrypted with a master password, the loss of the stick doesn’t equal the loss of all passwords.
Use KeePass. It’s awesome. :)