I'd like to update and strengthen my passwords. Trouble is that most sites have me use the trial-and-error method of updating. I have a fear of losing the old/valid password while trying various iterations of a new one. I believe I read that KeePass 2 saves password history, but I'm not seeing any on the Edit Entry screen. Can someone advise on a safe method to accomplish this task? Thanks.
History is on the History tab when you edit an entry.
There is no standard method because all sites differ. I generally enter the old password, then generate a new password and drag n drop that twice - assuming you have an old/new/repeat mechanism.
The most annoying problem I find is when the developer doesn't tell you what an acceptable password is and you spend 15 minutes trying to work out what size and combination of characters the developer has decided he will accept - 8 alpha characters is really safe isn't it?!?
I click the icon next to the hidden password to display the current password text and then copy and paste it into the notes area while trying new passwords.
Once the site has accepted an update then the now obsolete version can be deleted.
I used your method of saving the old pw in the notes and generating new pw's. Aside from finding very little info about what an acceptable strong pw is, I ran across the following obstacles:
Some sites don't allow drag-n-drop of the new pw - you have to copy and paste.
Other sites don't even allow copy and paste - you have to manually TYPE IN the generated pw TWICE (all 30 alpha-numerics, special characters, spaces, etc). What a bear!
Lastly, some big mutual funds sites still only allow 6-8 characters OR numbers. Some security! Happy New Year.