After the Yahoo hack, let's get started with a password manager. You can install KeePass through Chocolatey quickly and easily. I will walk you through installing Chocolatey and installing KeePass. From there you can keep KeePass up to date easily through Chocolatey and keep your passwords encrypted on your computer. This tutorial has been tested for Windows 7 or later.

KeePass: What’s that?

KeePass is a password manager available for free and made in Germany. It’s going to receive a source code audit by the European Union. The most important thing to remember is that it’s no harder to use than any other program. It’s much, much easier to use than Word. The difficulty is getting started, and we are going to walk you through that.

Chocolatey: What’s that?

Chocolatey is a package manager for Windows. Package managers are pretty handy, and here we want it for its ability to install, update and remove Windows programs.

What do I do?

To install Chocolatey on Windows, go to the Start menu, type in cmd.exe, right click on it and choose ‘Run as Administrator’. This will give you an administrative command prompt. Next, type this in and hit return.

@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))" && SET "PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin"

If you want to read the whole script, you can do so on the Chocolatey website. Since it’s open source, it has been reviewed by many users. The one-line command is provided to get it installed quickly. In general, if you are not expecting to install something like a package manager, I would not recommend running scripts from the internet as administrator.
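
The same install split into separate steps, so the script can be checked and read before it runs. This is an added example, not part of the original post or Chocolatey's own instructions. The file name choco-install.ps1 is chosen here, and whether the published script carries an Authenticode signature is an assumption, so an unsigned file is reported rather than rejected.

```powershell
# Added example. Run in an elevated PowerShell window.
$url        = 'https://chocolatey.org/install.ps1'      # same URL as the one-liner above
$scriptPath = Join-Path $env:TEMP 'choco-install.ps1'   # file name chosen for this example

# 1. Download to disk instead of piping the text straight into iex.
(New-Object System.Net.WebClient).DownloadFile($url, $scriptPath)

# 2. Inspect the Authenticode signature, if the file carries one.
$sig = Get-AuthenticodeSignature -FilePath $scriptPath
Write-Host ("Signature status : {0}" -f $sig.Status)
if ($sig.SignerCertificate) {
    Write-Host ("Signed by        : {0}" -f $sig.SignerCertificate.Subject)
    Write-Host ("Cert thumbprint  : {0}" -f $sig.SignerCertificate.Thumbprint)
}

# 3. Stop if a signature is present but does not verify
#    (HashMismatch means the file changed after it was signed).
if ($sig.Status -ne 'Valid' -and $sig.Status -ne 'NotSigned') {
    throw "Signature check failed ($($sig.Status)); not running $scriptPath"
}

# 4. Read the script yourself before anything executes.
Start-Process notepad.exe -ArgumentList $scriptPath -Wait

# 5. Run only after an explicit yes.
$answer = Read-Host 'Run the installer you just reviewed? (y/n)'
if ($answer -eq 'y') {
    & powershell.exe -NoProfile -ExecutionPolicy Bypass -File $scriptPath
    # Same PATH addition the one-liner makes, for this session only.
    $env:PATH += ";$env:ALLUSERSPROFILE\chocolatey\bin"
} else {
    Write-Host "Left $scriptPath in place; nothing was installed."
}
```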

To check that it is installed type in

choco --help

You should see some of the different things you can do. You also see the version of chocolatey for when you need to update it. Go you!

Once it’s installed, let’s install KeePass 2! This will install the latest version available on the chocolatey platform.

choco install keepass

KeePass should now be installed. You have a password manager on your computer. Next, let’s learn to use it.

Go to your start menu and search for KeePass 2. Click on it.

[Image: KeePass 2 master password screen]

You have to create your Composite Master Key. This is the password or passphrase you will type in to unlock your passwords. Choose something you can remember that is long. A pass phrase of three or four randomly chosen words or a password more than 15 characters long is currently recommended. When you have entered it, click the OK button. If you forget your master password, you will not be able to access any other passwords you save. Your master password is what stops all your passwords being decrypted, so do not reuse this anywhere else.

On the screen ‘Create New Password Database’ you have to fill in the Database name, which can be anything you will recognise. You should also fill in the default user name for new entries, if you are not sure what to fill in there use your name. The rest of the tabs can be left at default.

Right click and choose ‘Add new entry’. For the title, indicate where you will use this entry: the title of the website, for example, or some phrase that will be helpful. For the username, enter the username or email you use to log in to that site. It will automatically generate a password for you each time. Click on the three dots to see what it is. You can either replace it or use it.

For the notes section you can keep security questions, answers, helpful information that you need to keep encrypted. Expires is when it will prompt you to change the password. The default is 6 months but you can change it to one year.

For Quality, this number of bits helps explain how hard it is for people to break your password. It does not check whether your password has already been stolen, or whether it’s in the list of most common passwords, so be careful!

You can use KeePass2 to open any .kdb file (assuming you have the password). I do not think the format is used anywhere else.

How to uninstall a package

If you want to uninstall KeePass2 afterwards (hopefully you don’t) you can type in

choco uninstall keepass

Tasks to try on your own

Install an older version of a package, then upgrade it.

When some time goes by, try upgrading Chocolatey itself through Chocolatey. The -y at the end means you will not be prompted for the yes/no permission.

choco upgrade chocolatey -y

Problems with this approach:

  1. If you don’t keep Chocolatey up to date it could be another attack vector.
  2. KeePass2 is downloaded from SourceForge (though this version should have been approved).

Advantages of this approach:

  1. Easy to install.
  2. Easy to keep up to date.
  3. Version should be approved.

If this is your first time using Chocolatey and a password manager, I hope you found this fun. These days everyone should be using a password manager at home. It’s really easy to put it off. It seems like a hassle and a bother, but you have now installed one in a couple of commands.