Multiple User Question (after doing a search)

I've done some research and found a lot of answers to my questions. 

I've got a contact center with 200 agents in it.  They each have several logins they have to remember for multiple systems.  Something like this could help them keep track of things better. 

I'm not the IT guy who would be installing this, but I do have some questions just about functionality. 

Essentially, it seems they would each create a database to store their passwords in.  Their databases would have a password required to access it.  So my questions would be can this software handle that many databases and would each of them be secure from the other users? 

We would also have more than one user hitting this software at a time.  Would that cause an issue if two or more people tried to access their separate databases at the same time?

And last question… Is there a master password where someone could go in and delete databases when the agent is no longer on the project?

Thanks in advance for your help!

Hi AnthonyMarc,

1. Are you asking to install keepass on 200 desktop or laptop computers?  (one install per agent)
2a. Are you expecting each agent to have their own keepass database of logins and IDs?

• or-
  2b. Are you expecting to have one major keepass DB that all your agents share?

I'm going to make some assumptions to answer your questions:
1. KeePass is install on each computer.  if agents share their computers, they would typically have their own logins to that computer.  KeePass can be install one per computer.

2. Each KeePass user would have their own DB.  with their own master key.  Which would mean that each user would need set up their own logins and password in their DB.  You could create a generic DB with a simple masterkey and then have them update it and change the master key to save them some time.

3. there would be no issues with user on different computers using different keepass DBs.

4. deleting a keepass DB is no different than deleting any other file.  You do not need to know the master key to delete the keepass DB.  only to read the data that's in it.

Ok, let me clarify.

the software would be installed on the server and accessed through the intranet. 

Would it be a problem if users from multiple computers were hitting the software on the server, or would it need to be installed on each machine?

Further clarification:

each agent should have their own login to their own database of passwords.  The important thing is that 200 people should be able to access the software on the server from multiple PCs using 200 different passwords to access their personal database of information.  Can this software facilitate that need?

Yes.
KeePass.exe can be run from a common location.
Databases can be stored on a location only available to the user.
Each user has their own copy of the configuration.
You could use Windows certificates to encrypt the databases. This makes use easy and restricts access to the correct user.

cheers, Paul

Good people.  I have a desk top and a laptop.  I do all my initial password work new & update on the desktop.  I cannot figure out how to transfer the updated directory to the laptop.  My efforts with a thumbdrive have not worked and I attempted a plugin, but it did not take.  Any help much appreciated.  I am using 2.x

This procedure will demonstrate how to synchronize two copies of the same Keepass password database.  Once you understand the process, you can simplify and modify the procedure to suit your needs.  If you follow this procedure, you should be able to identify the particular step that is causing a problem.  At that point you can stop and check what is causing the problem. 

1. Close all running copies of KeePass on both your desktop computer and laptop
2. Copy your password file (the .kdbx file) from your desktop computer to a usb stick.
3. Attach the usb stick to your laptop and verify that you can open the usb copy of your password file on your laptop, then close KeePass
4. Attach the usb stick to your desktop computer and verify that you can open the usb copy of your password file on your desktop computer, then close KeePass
5. Open the desktop copy of your password file (.kdbx) using KeePass.  Verify that you are working on the desktop copy of the password file, not the usb copy.
6. Add a new test entry to the desktop password file. Save the password file (Ctrl-S). Do not close the password file.
8. On the KeePass menu, navigate to File/Synchronize File… and select the usb copy of your password file in the dialog box.  KeePass will synchronize (a progress bar will display) the desktop password file with the usb copy of the password file. After synchronization is complete, the desktop copy of the password file should be the only password file that is open.
9. Close the desktop copy of the password file.
10. Open the usb copy of the password file. Verify that you have opened the usb copy.  The new test entry that you originally added to the desktop password file will be present in the usb copy.  To demonstrate that you can synchronize in both directions, delete the entry from the usb copy, save, then synchronize with the desktop copy of the file. When you open the desktop copy the test entry will have been deleted.

As I often do, I over-thought your problem.  Since you say you are not editing the password database on your thumbdrive.  All you have to do is copy your .kdbx file from your desktop to your thumbdrive.

That is steps 1-3 only.

-wellread1

gardendrive,

I use dropbox (suguarsync will likely work just as well) to keep the keepass db in sync between all my computers.

Download it on each computer and create an account.  All pretty easy.  Dropbox will create a special folder that stays in sync between all your computers.  It's really very easy.

Dropbox et al will not work if you create a new entry on 2 machines at the same time, or whilst you do not have a connection to the internet on one computer. Only a KeePass sync will work here.

A Better Dropbox Method
1. Create a trigger that saves a copy of the database to a "sync" directory on all devices.
2. Set the "sync" copy to be synchronized by Dropbox.
3. Create a trigger to sync to the "sync" copy when you open the database.

Now any changes you make to the primary database will always be in the primary database no matter what the dropbox sync does. When KeePass performs it's sync the changes will appear in the DB copy and eventually arrive at the other devices.

cheers, Paul

Paul,

Assume computer A and B both have keepass running, if there is a change on computer A, and the trigger saves a copy of database, dropbox sync it to computer B, now how the keepass in computer B knows there is a change on the sync file and sync it into it's database? Most of cases, keepass in computer B is in the lock status, what event can trigger such sync(based on change of an external file)?

Thanks!

The trigger does not copy the database, it syncs with the Dropbox copy, retaining all data in both copies. . Even if you manage to have a conflict on the Dropbox sync, KeePass maintains all data in the live file and will re-sync on the next trigger. There is no requirement to know the external file has changed.

cheers, Paul

So if keepass on computer B doesn't exit and re-run, it won't have the changes that made on computer A unless it re-open the the database, right?

if the keepass is locked, when we unlock it, what event it triggered?

Thanks.

You need to tell KeePass to sync. In this example I use a trigger on open, but youcould set the trigger to run every 10 minutes, or on un-lock.

Triggers.
Trigger examples.

cheers, Paul

on un-lock is what I am looking for, but didn't find this event?

Have you tried the open database event?

cheers, Paul

is un-lock same as open database?

Don't know. Let us know if it works.

cheers, Paul

It is based on my testing, cool! Thanks!