KeePass

Passwords are required by default for almost every service or website on the Internet. These should preferably be different and additionally complex. A big problem is to remember all the different passwords. Password memories solve this problem. Password memories allow complex passwords to be stored securely. Instead of 20 passwords, for example, the user only has to remember one single password, the master password. The master password protects the database from unauthorised access. To further increase security, the database is secured with a 2nd factor, e.g. via a USB stick.

The KeePass tool is an open source password manager that is used to store passwords in a secure way. KeePass also contains a password generator to generate unique, unbreakable passwords. The main advantage of KeePass over other commercial products is that the database is stored locally on the user's hard drive, not in a cloud.

Note: KeePass is pre-installed as standard in the Central University Administration (ZUV) (the following instructions are therefore only relevant as of V.)

I. Download KeePass

II. Install KeePass

  • Perform the installation without changing the settings and select the desired location

III. Download German KeePass language pack (optional)

  • Click on the Translation link on the KeePass website above
  • Download the package German (Dominik Reichl) Version 2.45
  • Copy the downloaded package into the folder C:\Program Files (x86)\KeePass Password Safe 2\Languages (Note: the path may have a different name depending on your own installation; it is important to store it in the KeePass folder Languages)

IV. Change language to German (optional)

  • Open KeePass
  • Click away everything (including the request for the master password)
  • Click on the View button at the top of the bar and then Change Language...
  • Select the German language package and click on Yes. KeePass will be restarted.

V. Create database and create master password

  • In the menu bar: File --> Click on New... --> Select storage location and name the file
  • Master password: Should consist of many characters (at least 15), possibly special characters, upper and lower case letters
    • Urgent recommendation: combination with key file (2-factor authentication)!
    • Optional: (Windows account) --> not recommended!
    • Bit display must be in the green area!
    • Do not forget your master password --> otherwise you will not have access anymore!
  • Check Show expert options
  • Check the box Key file / Provider and click the button Create... 

VI. Create key file and security settings of the DB

  • Create key file
    • Select the location for key file: Either locally on the hard disk (minor security improvement) or preferably on an external USB stick. The external USB stick must always be plugged in so that the database opens (Important: A backup of the key file should be created on another medium, e.g. on a second USB stick or on another computer).
    • Move the mouse randomly until the display is in the green area and click the OK button
  • Security settings of the created database
    • As shown in the screenshot under Security, set the database
    • Leave the other settings as they are and click the OK button

VII. Other important settings

  • In KeePass, click on the top bar Extras and Options... Under Security check the box Enter master key on secure desktop. Keep the other settings as they are.
  • Start with Windows (optional): Under Integration, check Start KeePass with Windows (current user). KeePass now starts together with Windows.

VIII. New password entry

  • Click on entry in the upper bar and add entry
  • Enter any title and user name
  • Click on the yellow button with the gear/wrench and open the password generator
  • Generate a password according to your wishes (but secure) or according to the specifications of the website, e.g. 20 characters long, upper case, lower case, numbers and special characters
  • You can also use the following characters under Additional, only those characters can be entered that the provider/website allows, e.g. as special characters.
  • Click the OK button
  • If Auto-Type is desired (automatic filling in of login data on web pages), select the tab Auto-Type, click on the checkbox Activate Auto-Type for this entry and overwrite the radio button at Standard Sequence: There remove the {ENTER} (otherwise Auto-Type automatically "presses" ENTER, which can lead to problems if the wrong web page or window is opened in the browser).
  • Check the box for Two-Channel Auto-Type Obfuscation (IMPORTANT!) and click on the OK button.
  • The settings are now complete. Click on the OK button to save the settings. The password entry is now created.
  • By clicking with the right mouse button on the entry, the user name or password for login can be copied to web pages or auto-typed (the desired login page must be open in the browser).
  • In the left bar you can also define categories/groups for logins.
  • KeePass can be locked with the lock symbol.

Important tips

  • Save the database via the diskette symbol in the upper bar!
  • Backup of the database and the key file on different media --> For example on two USB sticks or on another computer. The aim is that the attacker does not receive both files, i.e. database and key file, together!
  • The master password must not be forgotten. If necessary, write down the password and put it in a safe or hide it well, e.g. in the flat, house or in a book!

Communication and Information Centre (kiz)

  • Helpdesk

    Please contact us if you have questions or problems related to the kiz services:

    Office hours
    Monday - Thursday
    09:00 h - 12:00 h and 13:00 h - 15:30 h

    Friday 09:00 h - 12:00 h

    Phone
    +49 (0) 731 / 50 - 30000

    Telefax
    +49 (0) 731 / 50 - 1230000

    Order a Callback
    helpdesk(at)uni-ulm.de
    Support Portal
    [more]

  • Service Points

    Service Points are locations where you can visit us personally.

    [more]

  • Identity Management

    Using self-service functions of the Identity Management System (IDM): Administer permissions, subscribe to services, change passwords.

    IDM Self Services
    [more]

  • Literature Search

  • kiz from A to Z

    With about 400 keywords you will get direct access to our services. If something isn't listed, please contact our Internet Editorial Office.

    A-Z List