I use Dropbox and KeePass together to manage all my passwords; for websites, email accounts, PIN codes and everything else. I use KeePass because I don’t trust online services to store my passwords for me; I want them at home, private, where only I can see them and no one else. However, it takes a little bit of effort to set this up – but it’s well, well worth it. Here’s how I do it:
Set up Dropbox
- Install Dropbox from https://www.dropbox.com/install.
- If you do not have an account, sign up for an account with your email address. Otherwise, log in. If you do not remember your password, set a new password using the account recovery mechanism (click on “forgot your password”).
- You should now have access to your Dropbox account, and there should be a Dropbox folder on your computer, which you can access either by double-clicking on the Dropbox icon in the system tray (or the desktop), or by navigating to the dropbox folder using the regular file access views in Windows (so called Windows Explorer).
- If you want to change the location of the Dropbox folder, you may do so by doing the following. This is an optional step and is not necessary, but can be useful if you want your files in a different location.
- Click on the Dropbox icon in the system tray
- When the little window appears with Dropbox notifications, click on the cogwheel in the upper right part and select Preferences.
- Select the Sync tab in the Dropbox Preferences window.
- Click the Move button under Dropbox folder location at the bottom.
- Select a folder on your computer where you want the Dropbox folder to reside. Do not include the actual “Dropbox” in the folder name; if you want the dropbox folder to be D:\Dropbox, just select D:\ as the location – this is useful if you have two hard disks and want the dropbox files on the second hard disk, separated from the system drive.
- I also recommend putting your Desktop inside the Dropbox folder, so everything on the desktop is automatically backed up. Usually people put a lot of things on the desktop, and it’s good to have that backed up. The downside is that everything on the desktop will have a little green check-mark on it, but it’s well worth it. (This applies to Windows 10, specifically, but probably works in other Windows versions too.)
- First of all, in the Dropbox folder, create a new folder somewhere called Desktop. It can be anywhere; I like to create a folder called sys or system and underneath that one keep things like the desktop folder, and so on, so I keep them separated.
- Open the File Explorer (or just about any folder on your computer works too).
- On the left, you should have a list of folders, like Desktop, Downloads, Documents, Pictures and so on. Right-click on Desktop in this list, and select Properties.
- Click on the Location tab, and click on Move. Navigate to the new folder you created for the desktop in the Dropbox folder and click Select Folder; verify that the dialog box now shows you the new desktop folder in Dropbox, and click OK.
- All of your desktop files should now be synchronizing with Dropbox.
Set up KeePass
- Now we’re going to set up KeePass. If you don’t have KeePass, download it from https://keepass.info/download.html and set up a password database as needed. Please choose the Installer for Windows and the most recent version (2.x something).
- Install the program, and create a new database. Be sure to have a good, strong password; something like “I always eat 52 pizzas!” Don’t make it too long – you have to type it in on your phone as well. (Of course, if you already have a password database from before, simply move it inside the Dropbox folder and make sure it gets the little green check-mark on it.)
- Add a few passwords for good measure. Save the file somewhere in Dropbox.
- After this, it might be a good idea to head over to the menu option File > Database Settings in KeePass, and look under the Security tab for Iterations. Increase the number significantly (to at least 100,000) and use the Test button to find a number that results in about ~0.1 seconds. This is a computing-intensive step that will harden access to your database and make it utterly impractical to run brute-force passwords crackers against it. (Bear it mind that your cell phone may not have the computing capacity of your computer, and will likely take a little longer to open the database. 0.1 seconds should be good.)
- Once again, make sure the KeePass database is saved inside the Dropbox.
- You should now be able to access the password database from anywhere, as long as you have access to your Dropbox account and a KeePass program that can read it. Please do not do so from any computer you don’t absolutely trust, as the data stored in the password database is a gold-mine for criminals.
Accessing the KeePass database from your Android phone
- To access the password database from your Android phone, start by installing Dropbox on your phone, and log in. Make sure you can see your files.
- Open the Play Store and install KeePassDroid by Brian Pellin.
- Now, go back to Dropbox, and navigate to your password database. Click on the little menu icon (the three dots) on the right side of the password file. Select Available offline. Your password database should now automatically be available offline and visible under the Offline files section in the Dropbox main menu.
- Please note that Dropbox will not automatically synchronize it unless you actually open Dropbox. For this reason, the recommended way to access the file is to go through Dropbox – this will ensure that it’s properly updated before you use it.
- It is possible that there are better alternatives than Dropbox – someone mentioned DropSync. I have no experience with this.
- Now, by clicking on the password file in the Dropbox offline section, KeePassDroid should automatically open. (If it doesn’t, try “Open With”.) Enter the password, and behold the glory and joy of having all your passwords instantly accessible on your phone, and yet securely.
- I try to only use the computer to actually update or change the passwords; I’m not 100% confident that those Android apps will make changes to the password database without problems. If there’s anything you don’t want, it’s a corrupted password database.
That should be it.