Password Safe is a cross-platform and open source password manager
Password managers are convenient in many ways, they save you time, help generate secure passwords, and you don't need to remember dozens of logins. Though there are lots of password utilities, using an offline program enhances your security greatly.
Martin's favorite application is KeePass, let us take a look at another application called Password Safe.
Password Safe is an open source password manager application for Windows and LinuxÂ and it works completely offline. It is comparable to KeePass, which is what I've been using for many years as well.
Note: The program we are discussing here should not be confused with the commercial app that goes by the same name.
When you run Password Safe, it prompts you to open a password database. Since we are just getting started, you can click on the New button. The program saves the database in a special format, psafe3 that uses the Twofish algorithm and a 256-bit key.
Give your database a name, next you'll have to set up a safe combination. That's fancy talk for "master password".
If you use a weak password, Password Safe will warn you about it, and recommend you to use a combination of mixed case letters, and include at least one number.
When you have saved the password, you can access the application's interface. Password Safe's GUI has a menu bar, a tool bar and a drag bar. Manage your password database from the large pane. It's blank now, so let's add something to it. There is no way to reset the master password, so don't forget your safe combination. You can however change the password at anytime from the Manage menu.
Password Safe can be used to import your existing password database from plain text file, XML, and KeePass XML files.
Importing the XML involves some additional steps which are outlined at this page.
In short, you'll need to place the KeePass XML file, the msxml file from Microsoft in the same folder as the XSLT file. You can find the XSLT in Password Safe's directory. Next, open a command window and type the command from the page that's linked above. A new PWS.xml will be created, which you'll need to open from Password Safe > Import menu, and the logins will be added to the program. This method is not convenient, but it works flawlessly.
Adding new logins
Click on the Edit menu > Add Entry option. This opens a new window where you can enter the title, username, password, URL and email address of the associated login. You can optionally insert a note to the entry. Use the key button below the password field to generate a secure password. Entries can be stored in folders called Groups, you can create sub-groups as well. This helps in organizing your logins into various categories.
Using the passwords
Once you have saved your credentials to Password Safe, you can use it anytime you want to by clicking on it and selecting copy username/password. Alternatively, use the keyboard shortcuts Ctrl + U for copying the username to the clipboard, or Ctrl + C for the password.
Password Safe does not have browser plugins. But it does support AutoType, just like KeePass. To use it, go to the web page you want to log in to, select the relevant user info from the database, right-click on it and select "Perform AutoType". The program will auto-fill the credentials in the username and password fields.
The second toolbar in Password Safe allows you to drag and drop usernames, passwords, and other fields to the window of your choice (For e.g. your browser, email client, or any other program). This is a faster way to login than to use copy username/password.
Password Safe has a secure password generator that can be accessed from the manage menu, or using the keyboard shortcut Ctrl + P. Customize the rules for generating the password such as the length, lowercase, uppercase letters, numbers, special characters.
Password Safe places an icon on the system tray. Right-click it to view the recent entries that you have used, clear the clipboard, close the database, minimize the program, etc. The program will automatically lock the database after 5 minutes of idle time.
You'll need to click on its tray icon to sign in.
You cannot exit or access the program's interface when Password Safe is locked.
The application is portable and available for 32-bit and 64-bit systems. Password Safe is an open source software. It is compatible with Yubikey authentication devices. Unofficial mobile apps of the password manager are available for Android and iOS devices. Though the desktop program is offline, there is an optional app called PasswdSafe Sync that you can use to sync your database to your phone using a cloud storage service provider such as Box, Dropbox, Google Drive, OneDrive, or your ownCloud server.
As a long time KeePass user, I don't see a reason to switch over, that's mostly because Password Safe does not support plugins. But if you want to ditch cloud based password managers for one that stores your database locally in an encrypted file, Password Safe is a great choice.
It looks like they haven’t updated the UI since 1997…
I can’t imagine this is all that secure lol.
Don’t fix whats not broken. The UI is perfectly fine. This is much more secure than crappy cloud password managers.
â€œI canâ€™t imagine this is all that secure lol.â€
I canâ€™t imagine that you know who created Password Safe….
Hopefully, his credentials are sufficient for your demanding safety needs…
Keepassxc it’s also a great keepass alternative. It would be nice if you check out and write about it.
@SÃ©rgio: I used KeePass as my 1st password manager while I was on Windows. It claims to be cross-platform but on Linux, my next port of call, I found KeePass ugly and janky. I tried Keepassxc and was impressed and happy with its performance.
KPxc is also cross-platform, and when I switched to macOS it was equally impressive. So, I agree with you comment.
Ahh, my first password manager from more than 18 years ago now. From the great Bruce Schneier. At the time I first came across it, I was not “allowed to download” because it was restricted due to its secure encryption. Some sort of USA BS military restrictions for the ‘foreign baddies’ if I recall. Sigh. I downloaded anyway and used fire many many years.
Same here. Still using this legendary software.
Thanks that ghacks pays attention to this software.
Also a long-time Keepass user, the other feature I would demand is 2FA, making the database as secure as it can be.
I’ve been using Password Safe for years. I love that it’s tiny and portable.
KeePass at home but Password Safe at work. It was actually recommended by the IT Security advisor during the on-boarding training about a decade ago.
It’s one must-have feature is the ability to define a main password and link other entries so one update covers them all. Very useful when there are many different systems that need to be logged into using the same userid and password.
yeah, good to see Password Safe up here again. been a secure user for years and its been a great program. new is not always better and i just dont trust my passwords on someone else’s computer (cloud)
I have two computters in my home that I use. I would love to be able to have a password manager for my work computer that will work with a USB drive on the other one. Can I simply copy from one USB drive to another so I can use two of them?
You mean one database for work and another for home? Or are you using the same database for both work and home? Its portable, you can run it anywhere long as you know your master password…
Well, they would have separate and *mostly* different bookmarks. While my home system would have many more personal password-necessary accounts (banking, medical, memberships, etc.), there would be a few of those that I might need to access from my work system.
As of now I’m using one USB plug with a password manager covering ALL passwords. And I need to carry it everywhere I go since it unlocks both systems. I hate that. Or I could have two separate ones, but they wouldn’t be usable on each other. I’m just trying to figure out the best way to manage the managers.