Dropbox and KeePass: the password mashup

Let’s face it, working with clients with complex networking infrastructures is a pain. As a contractor, you are offsite, outside of the normal water-cooler knowledge system. You don’t hear that XYZ website forced John to change the password to the company’s Twitter feed.

In a perfect world, every auxiliary system your clients use would allow access to the same data from two discrete accounts. Google does a good job of this with Analytics, and Facebook even allows multiple people to manage fan pages as admins, but there are quite a few sites or services that simply allow 1 user. Network equipment is another class of systems that quite frequently doesn’t allow you to have a discrete account.

My solution is to keep a Dropbox share with each client team (useful for many other reasons), and keep a KeePass password file in that share.

Dropbox is a free utility that syncs data from your computers to the cloud, and allows you to share that data between computers. It also allows users to share folders with other users, so it can act as a big, cloud-based network drive.

KeePass is a free, open-source password manager. You can use KeePass and its variants (KeePassX for Mac/Linux) on the same password file, so if you are using Windows, you can still share passwords with your client on a Mac, or even your strange uncle running Linux. KeePass encrypts all the passwords stored inside it into a file that is locked up safe behind a “Master Password”.

Now the mashup: You keep one Dropbox share with each client team with which you work. This is useful for moving files with just them. I’ve never had a client who, once they “caught on” to what Dropbox does, hasn’t begun using it in every way they can.

Inside your Dropbox share with the client, place your KeePass password file. I usually prestock this with every “shared” password I know about concerning the client. Then show them KeePass. With small teams, it usually takes off like wildfire: everyone is tired of sticky notes or being locked out of something dreadfully important when Jane is on vacation.

KeePass has a “Bookmarks” tab, much like a browser, so I create a bookmark for each client.

Security: Whenever possible, don’t use shared passwords. It’s bad form, for many reasons. But I’m a realist: I know there is a whole class of passwords that can’t help being shared. At least this is better than sticky notes. Make sure you and your team only put this kind of password in your shared KeePass file, and not credentials to your personal accounts.

The one hitch: KeePass is a single-user system, so only one person can edit the file at a time. But, to the rescue, it does create a lock file, and if you try to open a file that someone else is using, you get a warning that it’s in use and are asked whether you want to open it read-only. Since you are usually only grabbing some ancient credentials for an FTP site, and not adding entries, this isn’t a big deal.
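
The lock-file behaviour described above can also be checked before you open the shared file. The following is an added example, not part of the original post and not KeePass code. It assumes the lock file sits next to the database and is named `<database file name>.lock`, and it treats a lock older than 12 hours as probably left over from a crash; the function names and the threshold are hypothetical.

```python
import sys
import time
from pathlib import Path

# Assumption: the lock file is "<database file name>.lock" in the same folder.
LOCK_SUFFIX = ".lock"
# Assumption: a lock older than this was probably left behind by a crash.
STALE_AFTER_SECONDS = 12 * 60 * 60


def lock_path(db_path):
    """Path of the lock file that would guard db_path."""
    db = Path(db_path)
    return db.with_name(db.name + LOCK_SUFFIX)


def shared_db_status(db_path, now=None, stale_after=STALE_AFTER_SECONDS):
    """Return (state, open_mode, lock_age_seconds) for a shared database.

    state is "missing", "free", "in_use" or "stale_lock".
    open_mode is the mode to ask for: "read-write", "read-only" or None.
    """
    db = Path(db_path)
    if not db.is_file():
        return ("missing", None, None)
    lock = lock_path(db)
    if not lock.exists():
        return ("free", "read-write", None)
    now = time.time() if now is None else now
    age = max(0.0, now - lock.stat().st_mtime)
    if age > stale_after:
        # Stay read-only: confirm with the team before removing the lock.
        return ("stale_lock", "read-only", age)
    return ("in_use", "read-only", age)


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: check_lock.py /path/to/shared/database")
    state, mode, age = shared_db_status(sys.argv[1])
    detail = "" if age is None else f" (lock is {age / 60:.0f} min old)"
    print(f"{state}: open as {mode}{detail}")
```

A lock file only appears on your machine after Dropbox has synced it, so a "free" result means no lock has arrived yet, not that nobody has the file open.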