360 likes | 492 Views
Introduction to AxCrypt and KeePass. Overview. KeePass What is KeePass Starting the Program Creating a new database Adding a New Entry Using the Password Using the User Name Searching for Passwords Creating Random Passwords Selecting Password Options Opening Your Database Summary.
E N D
Overview • KeePass • What is KeePass • Starting the Program • Creating a new database • Adding a New Entry • Using the Password • Using the User Name • Searching for Passwords • Creating Random Passwords • Selecting Password Options • Opening Your Database • Summary • AxCrypt • What is AxCrypt? • HIPAA info • AxCrypt Installation • Encrypting a File • What is a Key File • Making a Key File • How to Decrypt a File • Shred and Delete • Advanced AxCrypt Options • Sharing AxCrypt Files
What is AxCrypt? • AxCrypt is a free, and easy to use, open source strong file encryption tool. • Can be used on Windows 95/98/ME/NT/2K/XP/Vista, integrated with Windows Explorer. • With AxCrypt we can encrypt, compress, decrypt, wipe, view and edit with a few mouse clicks. • AxCrypt uses AES encryption. • Axantum Software AB is a Microsoft Certified Partner.
How to Install • Download software: http://axcrypt.sourceforge.net • During installation process, verify the Certificate Publisher is: Axantum Software.
How to Install • Select the language that fits your needs. • Approve the license agreement
How to Install • Request Update Notifications
How to Install Start Menu Folder • Select Install Location
Encrypting a file • Once Axcrypt is installed, you can start using it immediately. 1. Using Windows Explorer, select a file (multiple) and right click on them. 2. Expand the AxCrypt menu and left click on Encrypt 3. Enter a passphrase or password. You will be required to enter it two times.
What is a Key File? • A key file is any file, where the content is used as an additional part of the passphrase provided.
Key File Background • The created passphrase in the key file will be different each time you go through with the procedure. • You can never do one again if you lose it. • The passphrase is extremely difficult to crack • Using the key file passphrase makes encrypting your file even more secure than using the initial password. Example: Y9Iv vDw7 jR7b KIqP CB0W Tm0y H933 4lGg XVJj vBBW mfI=
Suggested Key File Media • Make at least one copy of your key file as a backup • A good idea is to print out a copy of the contents of your key file passphrase • Depending on the likelihood of the media to become corrupted, you may want to make multiple backups (i.e. if you are using a floppy disk which could easily become broken or a CD that could become scratched).
Making a Key File • Using Windows Explorer, right-click on any file and then mouse over AxCrypt and select Make Key File. You will get the following message pop-up. 1. Print a hardcopy of your key-file phrase. 2. Store Key-File on removable media (jump drive, ½ floppy, or CD-R/RW drive.
How to Decrypt the file • Using Windows Explorer, select an encrypted file, right click, move your cursor over AxCrypt and then left click Decrypt.
How to Decrypt the file Here is what you will see after selecting Decrypt. • If you used a key file. Insert your key file floppy, CD, or jumpdrive prior to decrypting the file. • Then left click on the Key File button to browse to your Key File location.
Shred and Delete Feature Documents that you delete can be very easily recovered by any number of ways. With AxCrypt you can elect to delete files and documents in a more permanent way. • Select the files you want to shred and select Shred option on the right click menu. • You will be asked to confirm, since the operation cannot be undone. • Click “OK” and your data will be overwritten with random data before being permanently deleted.
Advanced AxCrypt Options • Encrypt a Copy: This option keeps the original file unencrypted and will create a second copy that is encrypted. • Encrypt a Copy to .exe: Allows you to encrypt and send a document to another as an executable without them needing to install the full AxCrypt program on their pc. (Not recommended) • Using AxDecrypt Viewer (on web): Can view a .axx doc without having AxCrypt program. http://axcrypt.sourceforge.net/downloads.htm 4. Clear Passphrase Memory: If you used the option to “Remember this for Decryption”, subsequently selecting the Clear Passphrase Memory would remove that password from the memory of the PC. Thus requiring you to enter it for future access to the file.
Sharing AxCrypt Files • Passwords/passphrases used for encryption should not in any way resemble passwords used to login to your PC • When encrypting files and sending them to another person: you must relay the password/passphrase in a secure manner. Sending the other user an encrypted document via e-mail and then e-mailing the passphrase is NOT a secure method. • Some examples of secure methods/procedures for sending passphrase : • E-mail encrypted document, fax the passphrase • E-mail encrypted document, call person on phone and relay passphrase • Send the encrypted files on a cd in the mail, e-mail the passphrase to the person • E-mail encrypted document, text message on cell phone the passphrase
AxCrypt Summary • Remember that when using encryption and key files that you keep a copy of the credentials in a safe spot. (i.e. sealed envelope in department safe and that others in the department know the secure offsite location where the passphrase is stored). • Be considerate of encrypting documents that you commonly share with other co-workers. • Using a Key File is not required! Using a Key File is not required! Using a Key File is not required! • When using key files, a password/passphrase still needs to be used
Introduction The KeePass program stores your passwords in a secure database. This database consists of only one file so it can be transferred from one computer to another easily. This database is locked with a master password. This means that all your other passwords are accessible only by entering the master password correctly. If you lose this master password, all your other passwords in the database are lost also. The database is encrypted based on mathematics and there isn’t any backdoor or a key which can open all databases. • http://keepass.info/download.html
Starting the Program • Double click the KeePass icon on your desktop to start the program • This is the first screen visible to the user on startup of KeePass.
Creating a new database: • Select: File > New Database • Next you are prompted to select a master key
Creating a new database cont’d • Once entered, you will then be asked to retype the password. If the password has been entered correctly a new empty database is created.
Creating a new database cont’d • As soon as you have created the master key and entered the database, you should save it to the computer’s hard drive: • Press: on the Main Screen. • The program will ask you where you desire to have the database file stored. Choose a location. • Example: My Documents or Desktop
Creating a new database entry • Click: ‘Internet’ option • To create the password record • Select: Edit > Add Entry.
Adding a New Entry • The ‘Title’ can be set to anything desired, normally a symbolic representation of the meaning of the password. Ex: Hotmail • The ‘Username’ is whatever username the password is associated with. Ex: username@hotmail.com • The ‘URL’ in this case is the Internet address. Ex: www.hotmail.com User Scenario ‘’I would like for the KeePass program to help me remember my Hotmail user name and password’’ • The ‘Password’ is automatically generated. This can be changed either by typing a new password manually; • Ex: one4allandall4one • The ‘Quality’ refers to the length of the password. The longer the password, the greater the security. • The Notes text box can be used for a verbose description of the use of the password. • The ‘Notes’ text box can be used for a general description of your password. • Ex: getting into my Hotmail account
Using the Username • To use the user name click on the username entry you wish to use • Select: Edit > Copy User Name to Clipboard • For extra security the username only remains on the clipboard for ten seconds. In this time the username must be pasted where it is required. In general this can either be done by holding Ctrl and pressing V on the keyboard, or by right-clicking on the username field and selecting the paste option. So, you can copy the username from the KeePass program, open the window where it is needed (example: www.hotmail.com) and paste it into the username box.
Using the Password • To use the password click on the password entry you wish to use • Select: Edit > Copy Password to Clipboard • For extra security the password only remains on the clipboard for ten seconds. In this time the password must be pasted where it is required. In general this can either be done by holding Ctrl and pressing V on the keyboard, or by right-clicking on the password field and selecting the paste option. So, you can copy the password from the KeePass program, open the window where it is needed (example: www.hotmail.com) and paste it into the password box.
Searching for Passwords • Often a password is needed but the location of it may not be known. To find a password in the database, the Find function can be used. • Select: Edit > Find in Database • Next, the ‘Find’ Screen is shown. Different parts of the passwords’ record can be selected for use in the search. The search string (word to be searched for) is typed in the text box. • The results of the search are then displayed.
Creating Random Passwords • KeePass uses a number of algorithms and random data collection to generate passwords. This section deals with how to create them. • This is a good method of creating a password that is not easily cracked. This option can be selected when creating a new entry in the database, as shown below. “I am tired of creating new passwords all the time. If this program remembers all my passwords, then I would like it to create them for me automatically.’’
Selecting Password Options cont’d • There are different check boxes that can be marked to include character types wanted in the password. The greater the range of characters, the greater the security of the password. However some systems may not allow certain characters in passwords. • The next option allows you to set a range of characters that the password can be generated from. • Checking the box labeled ‘Collect entropy’ will collect random events to use in the password generation. • This happens when you press button. • Press:
Opening Your Database • Now you have created your database, input different passwords into it, and saved it. At anytime you can run the program by launching it from your Desktop • Press: • Then select the file and the location of the database you saved originally.
Summary KeePass is a powerful user-friendly password application with many good features. It allows you to store passwords in a logical and familiar way. The database is also stored using complex encryption, so it is safe from intrusion. It is very important to have a good master password with which to lock the database. When the program is running the passwords remain encrypted in the process file. Use this program if you have many different passwords for your email, bank account, website subscriptions, etc. It is a small program and can easily fit on a floppy disk or on a USB flash drive. This way you can carry it around with you everywhere.