Skip to content

Cross Platform Password Manager – Keepass!! Evernote is not a good idea methinks.

June 15, 2012

Ever since I realized that storing passwords or other sensitive information in Evernote is really not that secure, I was on a hunt for a password manager which I can access from my iPhone, MacBook Pro and my Windows work laptop. Evernote and Dropbox are really two great apps that I can’t imagine to live without. I can constantly upload stuff as I think and then access them anywhere later. If they are just simple notes, I use Evernote and if they are files or other data, I use Dropbox. I can’t tell how easy these apps have made for me to be more organized. And, the space which comes with the free accounts for both the accounts is big enough for anybody who doesn’t have any extraordinary expectations.

Anyways, coming back to the point, storing sensitive information in Evernote is not safe because:

  1. You are not encrypting the data if you just save something.
  2. Even if you do encrypt, like I encrypted my passwords file, the data is still on the cloud and as we all know, Cloud security is something which needs to be understood really well before playing around with it. I have no idea what Evernote does with the data stored on the cloud. How do they store it? Where do they store it? Is the server multi-tenant?
  3. Security in the cloud should really be managed by the user/subscriber rather than the provider. At least from what I have read so far on Cloud Security, that seems to be the consensus. Obviously, the provider will try to make things as secure as they can but when it comes down to security breaches or anything of that sort, the provider cannot be blamed. The provider can maybe give you a secure infrastructure on the cloud or provide some good advice on how to secure your stuff but it eventually depends on an end user how he/she is implementing security and what are they doing to make sure their data doesn’t get stolen or tampered with.

So, after I thought about the above problem, I instantly removed anything sensitive I stored in Evernote. I made sure it is gone from the trash too. But, one thing I cannot really be sure is if Evernote still has it stored somewhere on the server or not. Is it accessible by anybody else? I don’t know. I just hope my stupidity doesn’t land me in any trouble. I, did however change all my passwords so I should be good.

I googled around little bit for password managers and most of the good ones were paid and I really did not want to pay anything for a password manager. I might as well spend one day and store everything in my brain than spend anywhere between 5$ to 30$ on a password manager. Yes, I have a lot of time I can waste on doing stupid mentally challenged things.

However, I did come across Keepass which happens to be one of the most common pw managers being used these days. It works pretty good on Windows but kind of sucks on Mac and iOS. Not kind of, I think it really sucks a$$.

But, anyways I decided to go ahead with it and I have been using it for a few days now without much problems and I would recommend it if you really don’t care about the UI and just need a safehouse for all your passwords.

It works fine across Windows, MacBook and iPhone with details about how to install or implement it widely available on the internet. I would like to mention something though. I didn’t know this before I started using Keepass and it took me some time to figure out (google) what the heck was going on with it.

So, if you are using Keepass on iPhone, make sure you don’t create any entries from your iPhone. It will mess your database size up. It makes the database grow like crazy. I dont know how or why. I just know it does so dont do it. And, once you do it, you can’t really use it from your iPhone because it won’t open anymore. Also, there is a bit of inconvenience using Keepass with Dropbox on your iPhone. I won’t dive into that either. So, whatever entries you do want to add, do it on your Windows or Mac. Windows is preferred because the UI is good and fast. UI on Mac is buggy.

And, there you have! A solution to all the “password is stolen” miseries with you on-the-go.

Advertisements

From → Database

Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: