Almost daily, the list of passwords you must retain gets longer. On top of that, some of those passwords simply are not (nor should be) memorizable. When you have too many passwords to remember, or when a password is beyond what you could possibly memorize, your best bet is to employ a password safe.
Within the realm of password safes, there are many applications that are ready to serve you. The one that is often considered the best is the open source KeePass tool. Unfortunately, there is no official version of KeePass for Android. However, there are apps, based on KeePass, that do an outstanding job of protecting passwords. One such app is Keepass2Android.
Keepass2Android has a feature list that should easily convince you this is the password safe to meet your mobile needs:
- Read/write support for KeePass 2.x .kdbx files
- Integrates with nearly every Android browser
- QuickUnlock allows you to unlock your database once with your full password and re-open it by typing just a few characters
- Access files from the cloud or the web
- Integrated Soft-Keyboard for entering user credentials (to avoid clipboard-based password sniffers)
- Support for additional string fields, file attachments, tags etc.
- Search dialog similar to that found in KeePass 2.x.
Before installing, know that two versions of this app are available: Keepass2Android is the standard edition, and Keepass2Android Offline is an offline version. If you don't need to access files from the cloud or the web, Keepass2Android Offline is the version you want. I prefer the standard edition, because I need the cloud/web integration.
To install Keepass2Android, follow these simple steps.
- Open the Google Play Store on your Android device.
- Search for Keepass2Android.
- Locate and tap the entry by Philipp Crocoll (Croco Apps).
- Tap Install.
- Tap Accept.
- Allow the installation to complete.
A quick word of warning: As with any Android app, it is crucial that you do not install from a third-party source. With password safe apps, it is especially important to follow this warning. The last thing you need is to install a password safe infected with malware that will transmit your passwords to a third party.
The first thing you must do is create a new database. When you open Keepass2Android, tap the Create New Database button, and then enter a master password to protect the database (Figure A).
After entering the password, scroll down and confirm it. If you opt to add a key file for extra security, tap the associated checkbox (Figure B) and then tap CREATE DATABASE. Note: On a fresh install of Keepass2Android, adding a keyfile failed every time for me (I tried on a OnePlus 3, a Nextbit Robin, and a Nexus 6). So until this bug is resolved, your best bet is to go without using a keyfile.
With the database created, you will be prompted to enter the password for unlocking. Once the database is unlocked, you can start adding entries (for security purposes, screenshots are blocked within the Keepass2Android app). Adding an entry is as simple as tapping a group (you can choose from one of the default groups), tapping the + button, and then tapping the key icon. You can also create a new group by tapping the + button and then tapping the folder icon, giving the group a name, and tapping OK.
An entry can consist of:
- Standard entry
- Credit card
- ID card
- Secure note
- Wireless LAN
Each entry type offers a different set of options specific to that type of entry. When you're finished working with that database, tap the lock icon at the top right of the window, and the database is once again protected.
Enable Fingerprint Unlock
If your device has a fingerprint scanner, I highly recommend you enable this feature. From within a database, tap the menu button (three vertical buttons in the upper right corner), tap Settings | Database | Fingerprint Unlock. In the new window, tap to enable either Full Fingerprint Unlock or Fingerprint Unlock For QuickUnlock. When you tap to enable one of those options, confirm your fingerprint on the device scanner (which must already be set up). With this complete, you can either unlock the database with your fingerprint or use your fingerprint for the QuickUnlock feature.
A lot to like
What I like about Keepass2Android is that the interface allows you to create entries and then, from an entry, view the password and go to the URL (if the password is associated with a web address). This means you don't have to remember those passwords, and you can gain quick access to the links after viewing the associated username/password for a particular site. The ability to unlock databases via a fingerprint scan is an incredibly handy feature that makes Keepass2Android easy to use and more secure than a standard password.
The inability to use the keyfile option does not detract from the solidity and reliability of Keepass2Android. Give this password safe a go, and you will not be disappointed.
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.