30
Mar
keepass (1)

Have you ever been in a situation where you needed to remotely access an account but couldn’t remember its password? I know that I have done so all too many times, so I started looking for a secure solution to this quandary. Although there are several good options, I chose KeePass - read on to discover how you can too.

Before we begin, there are a few things you will need:

On the Desktop

The first thing that you will need to do is install Dropbox, if you haven’t already. I’ve created a folder in my Dropbox specifically for my KeePass files, but if you do this make sure you name it something inconspicuous (i.e. not “passwords”). Once that is done, we are ready to create the KeePass database.

Open KeePass and choose File > New, prompting the creation of a new database. Then, choose your password and repeat it for verification. I use a master password and a key file, but the latter is not a requisite.

KeePass for Windows

If you chose to create a key file, the next step is to encrypt it. Choose “Create,” save the file in the Dropbox folder you created in the previous step, and either move the mouse sporadically inside the “white noise” box or type random characters into the text input box.

keyfile

The next screen is for optional database settings, so just click “OK” and move on. You should now be presented with the main KeePass window - this is where all of your passwords are stored. I’m not going to go into too much detail on how to enter your information here, as the process is fairly self-explanatory. One thing that is worth noting, however, is that to add an entry, you will need to create a key, which can be found under Edit > Add Entry or by clicking the key icon in the toolbar; not by selecting File > New - that creates a new database.

keepass main

Once you have entered all your passwords into KeePass, choose File > Save As and save the database in the same location as the key file (if you chose to make one). If not, just save it in your Dropbox folder.

password entry

KeePass has a built-in password creation tool. Anytime you create a new entry, the “password” field will be populated with a random, strong password.

On the Phone

Now that everything is set up on the desktop, it is time to move to the phone. At this point, KeePassDroid, OI File manager, and Dropbox should be installed, so let’s go from there.

First things first - launch the Dropbox app and log in to your account. After that, navigate to where you saved the database and key file (if applicable) and download them to your SD card by long pressing the file and choosing “Download.” By default, this will save the file in SD Card > drop box > *folder name*, which is where you will tell KeePass to find them later.

Dropbox Download

Once the files are downloaded, open KeePassDroid. In the bottom right corner of the screen, tap the folder icon, which will open OI File Manager. Navigate to your Dropbox folder, select your database file, and tap OK.

default Keepass Droid

For some reason, OI File manger alphabetizes folders in an odd fashion - all folder names beginning with capital letters are first, and names beginning with lowercase letters follow. By default, Dropbox creates a folder named “dropbox” (note the lowercase “D”) on your SD card, so you will need to scroll down in order to locate it.

Now that the appropriate database has been selected, tap Open. Tap the checkbox “Use this as my default database,” and if you chose to create a key file earlier, tap the folder icon.

Choose the key file before you type in your password, as KeePassDroid will not remember the password once you navigate away from this screen.

Enter your password, tap “OK,” and enjoy!

keepass

Additional Details

If you edit the database file on your computer, it will save to your Dropbox folder and upload automatically. However, because of a limitation on Android (a good one, might I add), the database file will not automatically download to your SD Card. Thus, you must re-download the file from Dropbox every time you update it.

Note that the above only applies to the database file, as the key file shouldn’t change after its initial creation. Likewise, if you update the database file on your device, you will need to re-upload it to Dropbox. It will sync with your desktop automatically, so you should always have the newest version.

In order to sync the password database and key file across multiple computers, all you need to do is point KeePass to the appropriate files in Dropbox.

Cameron Summerson
Cameron is a self-made geek, Android enthusiast, horror movie fanatic, and musician. When he's not pounding keys here at AP, you can find him spending time with his wife and kids, plucking away on the 6- or 7-string, or watching The Texas Chainsaw Massacre on repeat.

  • http://www.AndroidPolice.com Artem Russakovskii

    There are a few apps that came out recently that offer automatic, scheduled Dropbox sync (frankly, it's something DB should do on its own but doesn't).

  • Dave

    Not sure why you need passwords 'on the cloud' if you have them on your phone.

    I use OI Safe to keep something like 70 passwords encrypted on my phone. I always have my phone with me. No need to have them anywhere else.

    /to each their own I guess

    • dbareis

      If you had a computer you'd know one reason, if you lose or break your phone you'll have learnt another :-)

  • guy

    lastpass is far easier to manage and use

  • dbareis

    Its easier (but not as pretty) to put the password file into its own folder and then create a shortcut to it on the homescreen and open the DB (NOT THE APP) and rely on the associations to open the file, that way DropBox will do the downloading for you then open the file.

    • nguyen2011

      Nice tip. Thanks

  • http://www.project2501.it ioio

    my password DB is stored in a Truecrypt Volume and synchronized with Dropbox over the net, but until truecrypt is available for android my DB will never be on the cloud..

    • Jason D

      KeePass has its own encryption, and its open source and AFAIK no one has found fault with it. So there isn't that much value added by storing it in TC.

  • Peter

    "For some reason, OI File manger alphabetizes folders in an odd fashion – all folder names beginning with capital letters are first, and names beginning with lowercase letters follow."

    Yes, Cameron. Linux is case sensitive and the sort you describe simply sort on ASCII values. It's not 'odd' - it's just Linux style. In case you didn't know this: Android is just another look and feel of Linux.

    • Cameron Summerson

      I am aware that Android is based on the Linux kernel. I am also aware of the Linux file system and its naming process. However, if you use Astro File Manager - and a lot of people do - then you would know that it doesn't sort files in the same fashion that OI does; it sorts them alphabetically regardless of case.

      Thanks, though.

  • http://www.blackgate.net/blog/ bblackmoor

    I found this article very helpful. It's a pity that the Android port of Keepass does not allow editing. That's really the only thing holding me back from switching to Keepass from SplashId.

  • Tomas

    Hi, I still can not find on my Phone version of KeePass how to see the particular passwords from my database. It shows only dots in stead of them :-( In PC, it works properly; I can choose whether to display them or hide.

    • Cameron Summerson

      As far as I know, you can only copy passwords. They automatically populate in the notification area, along with usernames.

      Just pull the notification bar down and tap on the desired selection to copy it.

  • Carlo

    Thanks Cameron. Appreciated the article/instructions.
    What would it take to have KeePass Password Safe 2/KeepPass Sync also enable Drobox as an Online Provider? As they curently do with S3 and digitalbucket.net ?

  • spamkiller666

    Hi, doesn't it make more sense to store the key file on the PC and to store a copy on the android device rather then to store it on dropbox ?
    This way if someone would break into dropbox and would steal the database he/she would be lacking the key file which would make it almost impossible to decode the database file ?
    Is this a correct assumption ?

    Kind Regards

    • Simon Belmont

      I totally agree. You should never store your database and key files together in the cloud.

      If you use a password and a key file you'd still be protected, but best practices says to keep them apart. It's like keeping a gun and its ammo apart for safety.

      • JasonD

        Well really it just means the key file adds no security value, that is, whenever you keep it stored near the database. As long as you still use the password and keep it secret, you get that level of security, but there's no point fussing with the keyfile unless you store it somewhere else.

        I put mine on a USB key (with a couple spares) but it's not easy to access it from an Android phone. *sigh*

  • tadpole

    Can Keepassdroid be installed on the Nook Tablet? I use it on my phone and I use Keepassx on my Linux netbook and it would be useful to have the same app on all three devices.

  • http://google Boris

    I'm a novice with technical stuff but found your piece very helpful. I'm installed and able to access on both devices - PC & phone.
    But how can I - either see the passwords on the phone (for remote use) or activate an 'autotype' function on my phone? Now that would be useful!

  • EverEcho

    I have installed KeePass on my android phone. One HUGE problem, I can't see the passwords. There are asterisks in the place where the passwords belong. I am unable to see the data that was put in. I use the password keeper so that I can look up my passwords and type them in from any computer. Help, is there a way to unhide my passwords.

    • Boris

      EverEcho,

      Since my earlier post I found out how to see the passwords.

      Here's how;

      If you open your Keepass flie as you would normally, and then open one of your entries, again as normal. You should see a whole lot of stars in the field where the password resides.

      If you then press the menu button at the bottom of the phone you will see that among other options an eye will appear labeled "show password", choose that option and you will see the password.

      Good Luck.

  • Alex@VT100
    • Jason D

      Dropbox can't decipher your KeePass file unless they break KeePass's own encryption, which has not yet been broken (but you need a strong password and/or keyfile!!). There's no problem storing your KeePass file in an insecure place like DropBox.

  • t tt

    you don't really need to use a file manager. it's enought to use keepassdroid and dropbox.
    just "configure" it like this:
    1. put your keepass database (db) on dropbox (pc);
    2. open dropbox (android);
    3. find your keepass db and select it as favourite (it will download the file to your phone and keep it synced);
    4. go to favorites tab on dropbox (android) and find your downloaded keepass db;
    5. click on it and choose Keepassdroid to open it (check the check box to always open it with keepass app by default);
    6. it will open the keepass db with keepassdroid: mark that database as your default
    From now on, everytime you open your keepass db with keepassdroid (you don't have to go through the all process again) and change it, it'll sync automatically with your dropbox account. you'll have it synced beetween your PCs and your phone

    • Konstigt2

      Thanks, adding as favorite was brilliant!

    • jpgabor@gmail.com

      I did notknow that marking as favorite will DL and sync files. Excellent!!!
      Thanks a lot!

  • Jean

    Thank you so much. I was ready to give up.

  • Bazar6

    I know this is an old article, but I started using this app recently, and you are able to keep Dropbox syncronized with this app : https://play.google.com/store/apps/details?id=com.ttxapps.dropsync : I have Dropbox on the computer set to sync only the folder that has my DB and Key, and with this app I tell it to sync to Dropbox everhour checking for updates. Any updates to the DB are automatically seen on the app (unless I go in to Dropsync and force an update). Hope this helps someone as much as it's helped me.

  • Christian de BXL

    Hello, I've copy a .kdbx data base on my Android Phone with "My Phone Explorer" I can't open it with Keepassdroid. I've a "Invalid password" message. Have I do something wrong?