NEW & Fast Ship! KeePass Password Security Manager Suite Software Windows Disc

$26.83 Buy It Now, $1.64 Shipping, 30-Day Returns, eBay Money Back Guarantee
Seller: sharperjacks ✉️ (6,601) 99%, Location: Durham, North Carolina, US, Ships to: WORLDWIDE, Item: 374472262514 NEW & Fast Ship! KeePass Password Security Manager Suite Software Windows Disc. When ordering from the US, parcels may be subject to import tax and duty charges, which the buyer is responsible to pay.

NEW & Fast Ship! KeePass Password Security Manager Suite Software Windows Disc This product data sheet is originally written in English.

NEW & Ready to Ship Fast! + Download Included - KeePass Password Security Manager on a Professional Disc - Provided by Sharper Jacks Toggle Navigation Toggle Navigation KeePass [SOFT - 23 - W - D1] Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website's FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem... A serious problem. The thief would have access to your e-mail account, website, etc. Unimaginable.

KeePass is a password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information.

Strong Security • KeePass supports the Advanced Encryption Standard (AES, Rijndael) and the Twofish algorithm to encrypt its password databases. Both of these ciphers are regarded as being very secure. AES e.g. became effective as a U.S. Federal government standard and is approved by the National Security Agency (NSA) for top secret information.

• The complete database is encrypted, not only the password fields. So, your user names, notes, etc. are encrypted, too.

• SHA-256 is used as password hash. SHA-256 is a 256-bit cryptographically secure one-way hash function. Your master password is hashed using this algorithm and its output is used as key for the encryption algorithms.

• In contrast to many other hashing algorithms, no attacks are known yet against SHA-256.

• Protection against dictionary and guessing attacks: by transforming the final master key very often, dictionary and guessing attacks can be made harder.

• In-Memory Passwords Protection: Your passwords are encrypted while KeePass is running, so even when the operating system caches the KeePass process to disk, this wouldn't reveal your passwords anyway.

• Protected In-Memory Streams: When loading the inner XML format, passwords are encrypted using a session key.

• Security-Enhanced Password Edit Controls: KeePass is the first password manager that features security-enhanced password edit controls. None of the available password edit control spies work against these controls. The passwords entered in those controls aren't even visible in the process memory of KeePass.

• The master key dialog can be shown on a secure desktop, on which almost no keylogger works. Auto-Type can be protected against keyloggers, too.

Database Encryption KeePass database files are encrypted. KeePass encrypts the complete database, i.e. not only your passwords. The user names, notes, etc. are encrypted, too.

Databases are encrypted using one of the following block ciphers:

Cipher Block Size Key Size
Advanced Encryption Standard (AES / Rijndael) 128 bits 256 bits
Twofish 128 bits 256 bits

These algorithms are well-known, analyzed thoroughly and considered to be very secure. AES e.g. became effective as a U.S. Federal government standard and is approved by the National Security Agency (NSA) for top secret information.

The block ciphers are used in the CBC (cipher-block chaining) block cipher mode. In CBC mode, plaintext patterns are concealed.

For both algorithms, a 128-bit initialization vector (IV) is generated randomly each time you save the database. This allows multiple databases to be encrypted using the same key without observable patterns being revealed.

Hashing and Key Derivation In order to generate the 256-bit key for the block ciphers, the Secure Hash Algorithm SHA-256 is used. This algorithm compresses the user key provided by the user (consisting of password and/or key file) to a fixed-size key of 256 bits. This transformation is one-way, i.e. it is computationally infeasible to invert the hash function or find a second message that compresses to the same hash.

Key Derivation: If only a password is used (i.e. no key file), the password plus a 128-bit random salt are hashed using SHA-256 to form the final key (but note there is some preprocessing: Protection against Dictionary Attacks). The random salt prevents attacks that are based on pre-computed hashes.

When using both password and key file, the final key is derived as follows: SHA-256(SHA-256(password), key file contents), i.e. the hash of the master password is concatenated with the key file bytes and the resulting byte string is hashed with SHA-256 again. If the key file doesn't contain exactly 32 bytes (256 bits), they are hashed with SHA-256, too, to form a 256-bit key. The formula above then changes to: SHA-256(SHA-256(password), SHA-256(key file contents)).

Random Number Generation KeePass needs to generate several random bytes (for the IV, the master key salt, etc.). For this, several pseudo-random sources are used: current tick count, performance counter, system date/time, mouse cursor position, memory status (free virtual memory, etc.), active window, clipboard owner, various process and thread IDs, various window handles (active window, desktop, ...), window message stack, process heap status, process startup information and several system information structures. Additionally, KeePass uses random bytes provided by the system's default CSP RNG.

This pseudo-random data is collected in a random pool. To generate 16 random bytes, the pool is hashed (SHA-256) with a counter. The counter is increased after 16 generated bytes. This way, as many secure random bytes can be produced efficiently as needed.

Protection against Dictionary Attacks KeePass supports a protection against guessing and dictionary attacks.

You can't really prevent these attacks: nothing prevents an attacker to just try all possible keys and look if the database decrypts. But what we can do (and KeePass does) is to make it harder: by adding a constant work factor to the key initialization, we can make them as hard as we want.

To generate the final 256-bit key that is used for the block cipher, KeePass first hashes the user's password using SHA-256, encrypts the result N times using the Advanced Encryption Standard (AES) algorithm (called key transformation rounds from on now), and then hashes it again using SHA-256. For AES, a random 256-bit key is used, which is stored in the database file. As the AES transformations aren't pre-computable (key is random), an attacker has to perform all the encryptions, too, otherwise he cannot try and see if the current key is correct.

An attacker now needs much more time to try a key. If he can only try a few keys per second, a dictionary attack is not practical anymore. N is a work factor, only indirectly a time factor. A super computer can try a key a lot faster than a standard PC, but anyway testing one key with N transformation rounds will take N times longer than trying a key with no transformation rounds on the super computer.

By default, KeePass sets N to 6000 encryption rounds (full encryptions are meant; N has nothing to do with the internal encryption rounds of AES). This number has been chosen in order to provide compatibility with portable device versions (PocketPC processors are slower, therefore the key computation takes longer).

If you are using KeePass on PC only, it is highly recommended to increase the number of key transformation rounds. You can change the number in the database options dialog. Right of the field for the rounds, you'll find a button. When clicking this button, KeePass computes the rounds number that leads to a 1-second delay. Waiting 1 second at database opening isn't a problem, but for an attacker of course it is. But, the number can be freely set to a number of your choice; the button only should give you a rough idea how many rounds can be computed in 1 second on your computer.

This protection feature is only useful for master passwords; key files are random anyway, there's no need to transform the key file contents. Guessing the key file contents is equally hard to a brute-force attack on the final key.

KeePass uses multithreading to compute the transformations (the master key is split up to two parts of 128 bits, which is the AES block size). On dual/multi core processors, the computation can be twice as fast as on a single core processor.

On Windows Vista and higher, KeePass can use Windows' CNG/BCrypt API for the key transformations, which is about 50% faster than the KeePass built-in key transformation code.

Process Memory Protection While KeePass is running, sensitive data (like the hash of the master key and entry passwords) is stored encryptedly in process memory. This means that even if you would dump the KeePass process memory to disk, you couldn't find any sensitive data.

Additionally, KeePass erases all security-critical memory when it's not needed anymore, i.e. it overwrites these memory areas before releasing them (this applies to all security-critical memory, not only the password fields).

KeePass uses the Windows DPAPI for in-memory encrypting the sensitive data. With DPAPI, the key for in-memory encryption is stored in a secure, non-swappable memory area managed by Windows. DPAPI is available on Windows 2000 and higher. KeePass always uses DPAPI when it's available; by default using DPAPI is enabled; if it's disabled, KeePass uses the ARC4 encryption algorithm with a random key; note that this is less secure than DPAPI, mainly not because ARC4 cryptographically isn't that strong, but because the key for in-memory encryption is also stored in swappable process memory; similarly, KeePass falls back to encrypting the process memory using Salsa20, if DPAPI is unavailable). On Unix-like systems, KeePass uses Salsa20, because Mono doesn't provide any effective memory protection method.

For some operations, KeePass must make sensitive data available unencryptedly in process memory. For example, in order to show a password in the standard list view control provided by Windows, KeePass must pass the cell content (the password) as unencrypted string (unless hiding using asterisks is enabled). Operations that result in unencrypted data in process memory include, but are not limited to: displaying data (not asterisks) in standard controls, searching data, replacing placeholders (during auto-type, drag&drop, copying to clipboard, ...), and computing password quality estimations.

Enter Master Key on Secure Desktop (Protection against Keyloggers) Note: KeePass was one of the first (maybe even the first) password manager that allows entering the master key on a different/secure desktop!

KeePass has an option (in 'Tools' -> 'Options' -> tab 'Security') to show the master key dialog on a different/secure desktop (supported on Windows = 2000), similar to Windows' User Account Control (UAC). Almost no keylogger works on a secure desktop.

The option is turned off by default for compatibility reasons.

Locking the Workspace When locking the workspace, KeePass closes the database file and only remembers its path.

This provides maximum security: unlocking the workspace is as hard as opening the database file the normal way. Also, it prevents data loss (the computer can crash while KeePass is locked, without doing any damage to the database).

Viewing/Editing Attachments KeePass has an internal viewer/editor for attachments.

The internal viewer/editor works with the data in main memory. It does not extract/store the data onto disk.

When trying to open an attachment that the internal viewer/editor cannot handle (e.g. a PDF file), KeePass extracts the attachment to a (EFS-encrypted) temporary file and opens it using the default application associated with this file type. After finishing viewing/editing, the user can choose between importing or discarding any changes made to the temporary file. In any case, KeePass afterwards securely deletes the temporary file (including overwriting it).

Self-Tests Each time you start KeePass, the program performs a quick self-test to see whether the block ciphers and the hash algorithms work correctly and pass their test-vectors. If one of the algorithms doesn't pass its test vectors, KeePass shows a security exception message box.

Specialized Spyware This section gives answers to questions like the following: • Would encrypting the configuration file increase security by preventing changes by a malicious program?

• Would encrypting the application (executable file, eventually together with the configuration file) increase security by preventing changes by a malicious program?

• Would an option to prevent plugins from being loaded increase security?

• Would storing security options in the database (to override the settings of the KeePass instance) increase security?

• Would locking the main window in such a way that only auto-type is allowed increase security? The answer to all these questions is: no. Adding any of these features would not increase security.

All security features in KeePass protect against generic threats like keyloggers, clipboard monitors, password control monitors, etc. (and against non-runtime attacks on the database, memory dump analyzers, ...). However in all the questions above we're assuming that there's a spyware program running on the system that's specialized on attacking KeePass.

In this situation, the best security features will fail. This is law #1 of the 10 Immutable Laws of Security: "If a bad guy can persuade you to run his program on your computer, it's not your computer anymore".

For example, consider the following very simple spyware specialized for KeePass: an application that waits for KeePass to be started, then hides the started application and imitates KeePass itself. All interactions (like entering a password for decrypting the configuration, etc.) can be simulated. The only way to discover this spyware is to use a program that the spyware doesn't know about or can't manipulate (secure desktop); in any case it can't be KeePass.

For protecting your PC, we recommend using an anti-virus software and a tool like Heimdal Pro that keeps security-critical software up-to-date and features an enhanced malware protection. Use a proper firewall, only run software from trusted sources, do not open unknown e-mail attachments, etc.

Multiple User Keys • One master password decrypts the complete database.

• Alternatively you can use key files. Key files provide better security than master passwords in most cases. You only have to carry the key file with you, for example on a floppy disk, USB stick, or you can burn it onto a CD. Of course, you shouldn't lose this disk then.

• For even more security you can combine the above two methods: the database then requires the key file and the password in order to be unlocked. Even if you lose your key file, the database would remain secure.

• Additionally, you can lock the database to the current Windows user account. The database can then only be opened by the same person who created it.

Portable and No Installation Required, Accessibility • KeePass is portable: it can be carried on an USB stick and runs on Windows systems without being installed.

• KeePass doesn't store anything on your system. The program doesn't create any new registry keys and it doesn't create any initialization files (INI) in your Windows directory. Deleting the KeePass directory leaves no trace of KeePass on your system.

• KeePass requires the Microsoft- .NET Framework (which can be downloaded for free at Microsoft-'s website) or Mono. Windows Vista and higher already include the .NET framework; for Windows 98 / ME / 2000 / XP you need to install it, if it's not installed already. With Mono, KeePass also runs on Linux, Mac OS X, BSD, etc.

• Accessibility: KeePass features an advanced option that explicitly optimizes the user interface for screen readers.

Export To TXT, HTML, XML and CSV Files • The password list can be exported to various formats like TXT, HTML, XML and CSV.

• The XML output can be easily used in other applications.

• The HTML output uses cascading style sheets (CSS) to format the table, so you can easily change the layout.

• The CSV output is fully compatible with most other password safes like the commercial closed-source Password Keeper and the closed-source Password Agent, also the CSVs can be imported by spreadsheet applications like Microsoft-s Excel or OpenOffice's Calc.

• Many other file formats are supported through KeePass plugins.

Import From Many File Formats • KeePass uses the common CSV export format of various passwords safes like Password Keeper and Password Agent. Exports from these programs can be easily imported to your KeePass databases.

• KeePass can parse and import TXT outputs of CodeWalletPro, a commercial closed-source password safe.

• KeePass can import TXT files created by Bruce Schneier's Password Safe v2.

• Out of the box, KeePass supports importing more than 35 formats.

• Many other file formats are supported through KeePass plugins.

Easy Database Transfer • A password database consists of only one file that can be transferred from one computer to another easily.

Support of Password Groups • You can create, modify and delete groups, in which passwords can be sorted into.

• The groups can be arranged as a tree, so a group can have subgroups, those subgroups can have subgroups themselves, etc.

Time Fields and Entry Attachments • KeePass supports time fields: creation time, last modification time, last access time and expiration time.

• You can attach files to password entries (useful to store PGP signature files in KeePass for example).

• KeePass has a powerful internal viewer/editor for text files, images and documents. You don't even need to export attached files to view/edit them!

Auto-Type, Global Auto-Type Hot Key and Drag&Drop • KeePass can minimize itself and type the information of the currently selected entry into dialogs, webforms, etc. Of course, the typing-sequence is 100% user-customizable, read the documentation file for more.

• KeePass features a global auto-type hot key. When KeePass is running in the background (with opened database) and you press the hot key, it looks up the correct entry and executes its auto-type sequence.

• All fields, title, username, password, URL and notes can be drag&dropped into other Windows.

Intuitive and Secure Windows Clipboard Handling • Just double-click on any field of the entry list to copy its value to the Windows clipboard.

• Timed clipboard clearing: KeePass can clear the clipboard automatically some time after you've copied one of your passwords into it.

Searching and Sorting • You can search for specific entries in the databases.

• To sort a password group, just click on one of the column headers in the password list, you can sort by any column.

Multi-Language Support • KeePass can be translated into other languages very easily.

• Over 30 different languages are available!

Strong Random Password Generator • KeePass can generate strong random passwords for you.

• You can define the possible output characters of the generator (number of characters and type).

• Random seeding through user input: mouse movement and random keyboard input.

Plugin Architecture • Other people can write plugins for KeePass.

• Plugins can extend the functionality of KeePass, like providing additional import/export methods for other file formats.

Toggle Navigation Toggle Navigation Toggle Navigation Toggle Navigation Toggle Navigation Toggle Navigation Toggle Navigation KeePass uses the Windows DPAPI for in-memory encrypting the sensitive data. With DPAPI, the key for in-memory encryption is stored in a secure, non-swappable memory area managed by Windows. DPAPI is available on Windows 2000 and higher. KeePass always uses DPAPI when it's available; by default using DPAPI is enabled; if it's disabled, KeePass uses the ARC4 encryption algorithm with a random key; note that this is less secure than DPAPI, mainly not because ARC4 cryptographically isn't that strong, but because the key for in-memory encryption is also stored in swappable process memory; similarly, KeePass falls back to encrypting the process memory using Salsa20, if DPAPI is unavailable). On Unix-like systems, KeePass uses Salsa20, because Mono doesn't provide any effective memory protectio
Language English
Format CD
MPN Does Not Apply
Brand Provided by Sharper Jacks
License Category Standard
UPC Does not apply
Country/Region of Manufacture United States
Platform Windows
For Operating Systems Microsoft Windows 10
For Operating Systems Microsoft Windows 10 64-bit
For Operating Systems Microsoft Windows 8.1
For Operating Systems Microsoft Windows 8.1 64-bit
For Operating Systems Microsoft Windows 8
For Operating Systems Microsoft Windows 8 64-bit
For Operating Systems Microsoft Windows 7
For Operating Systems Microsoft Windows 7 64-bit
For Operating Systems Microsoft Windows Vista
For Operating Systems Microsoft Windows Vista 64-bit
For Operating Systems Microsoft Windows XP
For Operating Systems Microsoft Windows XP 64-bit
For Operating Systems Windows
Type Password Management
Operating Systems Microsoft Windows XP
Operating Systems Microsoft Windows XP 64-bit
Operating Systems Microsoft Windows 7
Operating Systems Microsoft Windows 7 64-bit
Operating Systems Microsoft Windows Vista
Operating Systems Microsoft Windows Vista 64-bit
Operating Systems Microsoft Windows 8
Operating Systems Microsoft Windows 8 64-bit
Operating Systems Microsoft Windows 10
Operating Systems Microsoft Windows 10 64-bit
  • Condition: Brand new
  • Language: English
  • Format: CD
  • Brand: Provided by Sharper Jacks
  • Licence Category: Standard
  • Country/Region of Manufacture: United States
  • Platform: Windows
  • For Operating Systems: Microsoft Windows 8.1 64-bit, Microsoft Windows 10, Microsoft Windows XP 64-bit, Microsoft Windows XP, Windows, Microsoft Windows 8.1, Microsoft Windows Vista 64-bit, Microsoft Windows 7 64-bit, Microsoft Windows 10 64-bit, Microsoft Windows Vista, Microsoft Windows 7, Microsoft Windows 8, Microsoft Windows 8 64-bit
  • Type: Password Management
  • Operating Systems: Microsoft Windows 10, Microsoft Windows XP 64-bit

PicClick Insights - NEW & Fast Ship! KeePass Password Security Manager Suite Software Windows Disc PicClick Exclusive

  •  Popularity - 0 watchers, 0.0 new watchers per day, 433 days for sale on eBay. 0 sold, 2 available.
  •  Best Price -
  •  Seller - 6,601+ items sold. 1% negative feedback. Great seller with very good positive feedback and over 50 ratings.

People Also Loved PicClick Exclusive