Tuesday, April 22, 2008

Password keeper falls flat

I've always avoided password-automation software for two reasons: First, storing your passwords all in one basket, so to speak, reduces your overall security by putting all your valuable access codes in one place, behind one password. Without a password keeper, someone intent on stealing all your info (after, say, finding your lost laptop in an airport) would have to guess all the banks or online services you use, find your username and THEN figure out what your password is. With a password keeper, all that info is in one place, theoretically making all your business info available in one place.

The second reason is that I always figured if you have so many accounts to log into that you can't remember your username/password combos, you need to simplify.

I finally changed my tune, after going freelance and having the wonderful opportunity to log into the CMAs of several publishers several times per week. A couple of them make me log in several times -- for each of the micro-sites I work on. Then I have my own emails, domains, blogs and various other detrita.

Having some of that logging in automated suddenly looked attractive.

Since password keepers aren't particularly fun to play with, I went to Freewaregenius, AppAholic, Lifehacker and Downloads.com looking for recommendations. I eventually downloaded KeePass Password Security, which appears to actually be secure.

It encrypts your passwords in a database, avoids keyloggers that might otherwise grab your passwords as they go through, and generally works hard to keep bad guys from getting your data.

On the other hand, every time you want to log in to something, you have to either cut-and-paste password data from KeePass to your browser, or drag the information to the right field. That's actually a cool feature, in one way of looking at it. You can open the list of your logins, click on the Username field for the one you're working on, and drag it over to the Username field in your browser. Then do the same with your password, which is obscured with hashmarks.

If you drag the password to the username field, though, you're out of luck, which means you have to pay that much more attention than you would ordinarily. And KeePass doesn't log in automatically for you.

So you're left pretty much with a relatively secure database for your passwords rather than a utility that will securely log in to your Web sites for you.

Firefox comes with a password-keeping feature, and it logs in automatically for you. But if you have Firefox set to clear all your private data when you shut down the browser, it forgets both the sites and the login data when you shut the browser down. Even when you (or at least I) tell it not to, it clears your password info as well as your surfing record.

So, even free, KeePass isn't worth the cost of installing and using it. I still don't trust Firefox's ability to keep a stored password safe, but at least it won't make me add another step to every additional login.

KeePass goes back where it came from.
