Waht are the advantages of Password Safe over more popular KeePass?

kippr
2014-06-26
2014-08-03
  • kippr

    kippr - 2014-06-26

    From your perspective? Good question.

     
  • blipco

    blipco - 2014-07-14

    Don't need .net to be installed.

     
  • JackG

    JackG - 2014-08-02

    Off the top of my head,

    1) It offers a nested tree view as well as a flattened list view. I'm pretty sure KeePass still doesn't offer the tree view.

    2) It includes a file encryption feature, a functionality I don't think KeePass has.

    3) It doesn't require any extra platforms or frameworks, whereas KeePass version 1.x requires GDI+, and KeePass 2.x requires the Microsoft .NET Framework.

    4) It uses Twofish, whereas KeePass version 2.x uses AES and requires a plugin if you want Twofish.

    I'm not too familiar with KeePass, so there may be more.

    Although there's some features KeePass offers that Password Safe doesn't as well, such as the ability to use plugins, ability to export the database to more formats, an option to increase the number of hash iterations, ability to attach files to entries (don't think PasswordSafe can do this), assign icons to entries, among other things.

    Some might argue that it also enjoys a more flexible cross-platform usage than Password Safe. While it does require frameworks as mentioned in #3 above, this allows installation on Linux, OS X, BSD, etc. through Mono. However I noticed there is now an official Java incarnation of Password Safe, allowing that same flexibility.

     
  • Rony Shapiro

    Rony Shapiro - 2014-08-02

    A couple of minor corrections to JackG's reply:
    1. PasswordSafe does support changing the number of hash iterations (For those unfamiliar with the term, the more hash iterations you have, the longer it takes for PassordSafe to open a database, which means the harder it is for an attacker to brute-force the database).
    2. PasswordSafe also has a Linux build based on wxWidgets, available on Debian, Ubuntu and Fedora. It has been rumored to build under OS X as well.

     
    • JackG

      JackG - 2014-08-02

      1)...I mean the number of iterations is a parameter that the user can adjust in the settings. Is this really a functionality PasswordSafe possesses? I saw no options at all when creating a database in PasswordSafe, and no mention of any such thing in the Help file.

      This is actually why I created Ticket #762

      KeePass allows for all sorts of user-defined options including: a database description and unique color for identification, adjustment of the number of key transformation rounds, the option to compress the database with GZip, a recycle bin functionality, templates, and the option to set periodic recommendations to change the master key as well as forced master key changes.

      These are all settings the user adjusts when creating a database.

      Can the user really adjust any of those such things (particularly the hash iterations) in PasswordSafe?

       
      • Jeff Woods

        Jeff Woods - 2014-08-02

        Options->Security->Unlock Difficulty
        Help text:
        The setting of the slider determines how much processing is required
        to open and save a Password Safe database. The Standard setting should
        provide sufficient security without delaying the opening of a database
        significantly on most platforms. When increasing this value, consider
        the slowest CPU that you will use to access the database.

        On Sat, Aug 2, 2014 at 5:52 AM, JackG jackgs-at-users.sf.net
        |SourceForge| 3p4miwp12t@sneakemail.com wrote:

        1)...I mean the number of iterations is a parameter that the user can adjust
        in the settings. Is this really a functionality PasswordSafe possesses? I
        saw no options at all when creating a database in PasswordSafe, and no
        mention of any such thing in the Help file.

        This is actually why I created Ticket #762

        KeePass allows for all sorts of user-defined options including: a database
        description and unique color for identification, adjustment of the number of
        key transformation rounds, the option to compress the database with GZip, a
        recycle bin functionality, templates, and the option to set periodic
        recommendations to change the master key as well as forced master key
        changes.

        These are all settings the user adjusts when creating a database.

        Can the user really adjust any of those such things (particularly the hash
        iterations) in PasswordSafe?


        Waht are the advantages of Password Safe over more popular KeePass?


        Sent from sourceforge.net because you indicated interest in
        https://sourceforge.net/p/passwordsafe/discussion/134800/

        To unsubscribe from further messages, please visit
        https://sourceforge.net/auth/subscriptions/

        --


        Today, wanting someone else's money is called "need", wanting to keep
        your own money is called "greed", and "compassion" is when politicians
        arrange the transfer. -- Joseph Sobran

         
        • JackG

          JackG - 2014-08-02

          Wow yeah I totally missed that. It's definitely not as explicit or noticeable as in KeePass.

          The Help description doesn't even really explain what you're doing, which is why my searches for "hash" "iteration" "rounds" and "transformation" turned up no results. I also searched the sections on the master key and still saw no mention of such a thing.

          This also begs the question as to why Rony himself actually suggested such a feature just last year.

          Are we even talking about the same thing? Is the slider really adjusting the hash iterations?

          Perhaps a change to the Help file offering a more descriptive explanation of what the slider does?

          And if that is indeed what it is, maybe even a switch away from a slider altogether, in favor of a digital display in which the user can set the exact number of rounds? With the slider the user has no idea how many iterations are being used.

          The 1-second delay calculation is also a useful feature that would be a good addition.

           
          Last edit: JackG 2014-08-02
  • Bill Osler

    Bill Osler - 2014-08-02

    I hope you will excuse my ignorance re: database details, but I'm not sure why an option to zip a database would be all that helpful. My impression (perhaps faulty) is that strong encryption should generate a database that looks nearly random. I don't see that compressing such a file would save much space. Just for grins I zipped my main Password Safe data base which is about 160k in size. The zip file was marginally larger than the original file. A different compression program might be somewhat more efficient but I doubt it would save much. I suppose there might occasionally situations in which zipping several files into the same archive would be convenient but I'm not sure that "compressing" a database would be worth the effort required to code it.

     
  • DrK

    DrK - 2014-08-03

    JackG said: "KeePass allows for all sorts of user-defined options including: a database description..." So does Password Safe - you can enter a Name and a Description (File->Properties)

    Password Safe also provides Named Password Policies that can be used by any entry (saves changing each new entry - just use a policy you defined earlier). These policies are in addition to your default and are also saved in your database. Password Safe also has the ability to set up filters so that you only display a subset of your entries. These can be saved in your database or auto-installed at open time. Both can be exported to XML.

     

Log in to post a comment.