Menu
homeMicrosoft

How to organize password storage in Android. Properly storing Android passwords using KeePassDroid

When choosing one method or another for storing confidential information, you have to make a compromise. Relying on own memory, we choose simple, easy-to-remember options for passwords, logins, etc. Material recording (say, notes in a notebook) is even less reliable; additional argumentation may not even be given.

A mobile device is also not a panacea. But firstly, the phone is always at hand, unlike desktop software solutions. Secondly, reliably protect the data on your phone " little blood“It’s still possible.

Among the most popular applications for Android top positions Password managers are taking over, and there's a surprisingly wide range of choices in this category. This guide mainly covers well-known and well-proven solutions. The task is to find out how convenient it is to use password managers, what tools the developers offer to protect information in each case.

First of all, our interest is focused on the following aspects:

  • Synchronization, import and export of data
  • Records, templates, ways to organize data, search
  • Supported Security Standards
  • Additional tools: built-in browser, password generator, etc.
  • Security measures such as setting a master password (or PIN), auto-locking, clearing the clipboard.

Participants:

  • mySecret
  • Keepass2Android
  • Safe in Cloud
  • Pocket
  • LastPass
  • PassWallet
  • Dashlane Password Manager

mySecret

The mySecret app allows you to store usernames, passwords and notes in an encrypted database. When a database is created, a master password is assigned to it.

Optionally, the database can be synchronized online with Dropbox or via an HTTP server. Also provided local access: The database is stored in the phone's memory; it can be synchronized manually, deleted, or restored from a file. For additional protection certificates are used for content.

mySecret uses a simple format for storing information. The contents of the cell consist of a record (name), login, password, URL, note. All this data is involved in the search; you can quickly find the information you are interested in at any time. However, please note that some traditional mySecret amenities are not available. For example, you cannot assign a record to a category or group or assign additional fields.

Very little attention is paid to safety. In some cases, reinsurance in the form of additional measures would not hurt. For example, when deleting a database, you are not prompted for a password, no quick lock etc. points that will be discussed in the review.

Summary. mySecret supports online synchronization, autonomous operation,password storage with certificate support. Weak sides- organization of passwords is too simple, impossible flexible settings, unclear security situation (at a minimum, encryption technology is not specified).

Keepass2Android

Keepass2Android is a free password manager that allows you to write sensitive data to a *.kdbx file. This format is supported by desktop versions of KeePass and is thus available for .

KeePass allows you to work with several databases stored in the phone's memory. Information is encrypted using AES algorithm(Rijdael) 256 bits with a specified number of encryption approaches. Additionally, a key file can be used. Of course, the database is protected by a master password; to speed up access, you can activate the QuickUnlock option - unlocking using the last three characters of the password.

Entry includes standard fields(password, username, website address, comment). In addition, you can assign an associative icon, add additional fields, tags, attachments, and specify the password expiration date. It is allowed not only to add records, but also to group them. This is very convenient, but it would be more practical to associate groups with a specific set of fields, thereby speeding up the addition of new records.

Advanced search allows you to include any fields and data. A normal search in KeePass is carried out not as you type, but after clicking on the confirmation button (this action could also be optimized).

In stock additional options security: clearing the clipboard, blocking the database, quick unlocking, setting passwords, managing operations, processing files.

Keepass2Android supports database synchronization with cloud Dropbox services, Google Drive, SkyDrive, and also by FTP protocols and WebDAV. There is a local - less popular - version of KeePass - . It may be of interest, perhaps, only to users who do not need constant synchronization with other platforms. Export is supported in it, along with alternative version applications.

Summary. Keepass2Android is a functional solution with convenient organization of passwords and other classified information. Among the features are groups and advanced search, synchronization with desktop platforms and online services.

Safe in Cloud

Safe in Cloud - password manager with the ability to online synchronize an encrypted database (supported Google storage Drive, Dropbox and SkyDrive). Despite the only database, access to the service is possible on other platforms: (iOS, Windows). There are also extensions for Chrome browsers and Firefox.

You can import old passwords into Safe in Cloud; more than 80 supported applications are stated (other options can be added upon request). Export of records is available, output formats are TXT, CSV and XML. Other operations performed with the database include backup/restore of data to a memory card.

User data is stored in the form of maps, notes, and templates. Maps are records from confidential information, created based on templates. The templates are specific set fields (for example, credit cards, passports, email, web accounts). Finally, notes are simple text entries.

Tags are used to organize posts; you can quickly navigate to the desired category from the sidebar. Navigation is being expanded convenient search: it is initially produced for all fields and works as you type.

Data in Safe in Cloud is encrypted (both on the phone and in cloud storage), standard 256-bit is used Advanced encryption Encryption Standard. A master password is provided; it is entered each time you start or resume activity in the application.

Summary. There are no complaints about the Safe in Cloud application. Most strengths - user-friendly interface, thoughtful navigation plus categorization and search, ample opportunities import and export, cross-platform, synchronization.

Pocket

Pocket (not to be confused with the service of the same name for delayed reading) - Notebook for convenient storage of information, including confidential information.

The design of Pocket differs from other applications in less strictness: convex buttons, colored background, many icons. This is an additional “plus”, although, according to reviews, there are also adherents of the conservative style.

Similar to Safe in Cloud and similar programs, Pocket supports categories, allowing you to sort entries by various types. In the group settings, fields are specified - that is, something like a template. As a result, it is easy to create groups in wide range, from web logins and car signs to licenses, recipes and other entities. There is a password generator nearby that will help you create a password of the required length and complexity in the appropriate field.

The search bar has its own section, and a slight inconvenience is that you need to click on the “Search” button, enter keywords and press the button again, although, as already noted, this can be implemented much easier for the user.

The AES-256 algorithm is used for encryption. The master password, created for database security purposes, is a SHA-512 hash and is not actually stored on the device as a specific combination of numbers. When inactive, Pocket automatically blocks access and clears the clipboard, ensuring comprehensive protection data.

Existing entries can be imported or made backup copy from SD card, sync with Dropbox. When online synchronization is used HTTPS protocol, the data is transmitted encrypted.

The Pro version, compared to the free version, does not contain additional functionality, but it does not contain advertising.

Summary. The program has not been updated for a year, but it is still quite relevant. Pocket has a good design, although not in all aspects optimized for quick access- such “chips” as quick search and QuickUnlock would not hurt. Customizable synchronization, export of recordings to an SD card, import wizard. Integration with desktop (Windows/Mac/Unix) jar application is available.

LastPass

LastPass is a symbiosis of a browser and a password manager. The browser is used for quick filling forms, saving addresses and other information, and the manager also allows you to store any text data.

PassWallet is a password manager and secure data storage. 256bit offered AES encryption databases, synchronization with online services Dropbox and Google Drive.

Personal data can be imported from other applications, including Keeper, mSecure, aWallet, DataVault, SplashID, NS Wallet, LastPass, Password Box, Safe in Cloud (some of the applications have already been mentioned or will be included in the second part of the guide). CSV file import and export is supported. The Pro version of PassWallet offers data backup and recovery with encryption support and PIN code setting.

It is very convenient that home screen supports the “terminal” input method, that is, to enter the master password you do not need to open standard keyboard Android.

With PassWallet, you can create secure records containing credit card, web service, and identity data. When you select "Other", you are prompted to enter a name, ID, password and note. So, use templates and custom fields It’s impossible, and this is already a noticeable drawback. For data tied to a date (passport, credit cards, etc.), you can specify an expiration date - PassWallet will notify the user about the imminent expiration of time. When entering a password, you can use a simple generator(produces random dial characters, without indicating complexity).

There is a search as you type, but you cannot organize information by tags or categories. Therefore, it remains to use standard ones, not always useful groups, like “Web Logins”, “Bank Accounts”.

Things are more optimistic with security options. This is the so-called Stealth mode (the ability to hide the application icon), disguise (PassWallet is not displayed in the launch history), auto-blocking, data destruction function if entered incorrectly.

The application is paid, a month of trial mode is provided.

Summary. The developers are convinced that PassWallet is the most “secure and convenient manager" In fact - a simple toolkit with well-thought-out access protection, in free applications You can also find a wider range of functions.

Dashlane Password Manager

The free Dashlane manager allows you to generate passwords and store them in safe environment, subsequently using it to autofill forms and log into sites. You can use the Dashlane Browser for Internet navigation, and the special Dashlane Keyboard for data entry. The application is available for Mac, Windows, iOS, Android tablets and phones.

First of all, we should note the user-friendly interface of the program. Quick access to data can be carried out either through a retractable sidebar, and through the control panel and search bar. Dashlane consists of three main sections: Password Manager, Autofill, Wallet.

A password entry includes information about the site, a pinned category, and a note. For creating secure password a built-in generator can be used. In addition to adding a password, notes containing title and content are available. To autofill forms, you can use the Dashlane Keyboard (it can be easily connected through the system settings of the “Language and Input” section) and the Dashlane Browser. If necessary, you can specify through the settings alternative application for Internet surfing.

Autofill settings are revealed in more detail in the Autofill section. Addresses, phone numbers, and names are added to the Personal Info section, which are subsequently used in the fields. The second subsection contains identifiers, ID - standard set templates with fields, including passport data, license numbers, etc. Unfortunately, it is not possible to add your own template or fields.

Finally, the Wallet section records information for payment systems: these are credit card numbers and account numbers.

Dashlane has security measures such as clipboard clearing, PIN protection, master password protection, auto-lock, and no screenshots.

The premium version of Dashlane allows you to synchronize passwords across various devices, automatic backup of information and online access to the database.

Summary. Dashlane offers clear separation personal information into several sections, convenient control data and thoughtful access settings. May be useful for quick input additional tools, such as browser and keyboard. It should be kept in mind that free version Dashlane does not support synchronization or backup.

I've been using the amazing password storage service LastPass for years and find it to be the best of its kind. However for Android platforms This service only offers a paid option, which is not suitable for everyone. So in this article, we'll look at how to get your passwords out of LastPass, transfer them to Android, and organize them secure storage and convenient use.

1. Export passwords from LastPass

Retrieving your passwords from this service is very simple, the process only takes a few clicks. To do this, you need to go to the service’s web interface and select “Export” in the main menu. After this, you need to specify the file name and location to save it on your computer.

2. Convert LastPass passwords to KeePass passwords

To work with passwords on a mobile device, we will use the program. It has clients for almost all platforms, has proven itself in terms of security, is convenient and free. But before you transfer your passwords to mobile device, they must be converted into a form understandable for this program. This feature exists in the desktop version of KeePass.

Install KeePass on your computer and create new base passwords by specifying one of the folders in Dropbox as the location. Then import the file from LastPass passwords to the password database you created.

3. Keepass2Android

Once your passwords are in a form KeePass can understand, you can transfer them directly to your mobile device. The best way to do this is to use mobile client Keepass2Android, which can synchronize your password database via Dropbox. Install this program, and then open the password database you created earlier.

4. Automatically fill passwords

One of the most convenient functions LastPass is the ability to automatically fill in credentials on saved sites. Keepass2Android also has a similar function, although it is implemented a little differently. The program has a special keyboard with which passwords are entered. This happens as follows.

  1. You open the login page in your browser (almost all Android browsers are supported).
  2. Using the “Send” menu, you forward this page to Keepass2Android. The program finds a password suitable for this page in its database.
  3. Then you are prompted to select a keyboard. Select the Keepass2Android option.
  4. A special keyboard appears on which you can use special keys You can enter your login and password for the open page in the required fields in one click.

Now you will have on your mobile gadget a well-secured and synchronized database containing all your passwords. In addition, we get the opportunity to conveniently enter passwords using special keyboard, which allows you to very quickly and conveniently enter the sites you need.

Keepass 2. The Keepass2Android program will allow owners Android devices organize a password database. Users can easily create new posts and edit existing ones. For convenience, additional string fields, tags and file attachments are provided. Also, files in the kdbx format are read and written. Thanks to integration with browsers, users will no longer need to remember logins and passwords, because... Keepass2Android will do it for them. There is password protection for access to the database. Provides quick unlocking (enter once full password, then to work you need to enter the last 3 characters of the password). The built-in keyboard will secure your work with the password database.

Peculiarities:

  • read/write .kdbx files (KeePass 2.x)
  • integration with almost any Android browser (see below)
  • Quick Unlock: Unlock the database by entering the entire password, open it again by entering just a few characters (see below)
  • Access to files in cloud storage (Dropbox, Google Drive, SkyDrive, FTP, WebDAV). Use "Keepass2Android Offline" if you don't need this feature.
  • Built-in software keyboard: Switch to this keyboard to enter login information. This will protect you from clipboard password sniffers (see below)
  • support for editing records, including additional string fields, attachments, tags, etc.
  • search dialog with all the features present in KeePass 2.x.

Download password manager - Keepass 2 for Android you can follow the link below.

Developer: Philipp Crocoll (Croco Apps)
Platform: Android 4.0 and higher
Interface language: Russian (RUS)
Status: Free
Root: Not needed



Creating a Password Database
  • After installation, launch Keepass2Android. Now you can open existing base passwords. The program supports database files created using the Windows version of KeePass 2. If you don't already have a database, click Create New Database.
  • First, specify the location of the password file. You can customize the path suggested by the application through "Change Location". In addition to local storage, for example on a smartphone's SD card, the application offers various cloud services to choose from. if you have Account Dropbox or OneDrive, you can also put the file there. You will need to enter your credentials. Locally or in the cloud - either way, you still have to select the target directory and assign a file name.
  • Now comes a very important step: you save your password file using your master password. This combination should be quite long and complex and kept secret by you. If you know master password, you have access to all KeePass2Android passwords. Therefore, use at least eight characters and a combination of uppercase and lowercase letters, numbers and special characters. Once you have entered the Master Password twice, click “Create Database.”

Password management and use

Once you've created or opened a database, you can enter new passwords and easily transfer them into login fields on websites or other applications.

  • For better structuring, all access data is organized into groups. To create a new one new entry password, first switch to one of the predefined groups. Or create new group. Click the plus sign in the lower right corner and then click on the folder. Enter a name and confirm with “Ok”.
  • Switch to the appropriate group by clicking the group name. Then select the plus sign and key in sequence to enter New Password. Depending on the input type available various templates. For example, there are custom forms for addresses Email, credit cards or Wi-Fi networks. For a regular username and password entry, use the "default entry".
  • Enter at least a username and password. For websites, it is also recommended to include a URL. Save the recording by clicking on the floppy disk icon at the top of the window.
  • If you now want to use the saved password, then the username and password must be pasted one after the other via the clipboard into the corresponding login form. Open the required entry in Keepass2Android. Then tap the three dots after the username and select Copy to Clipboard. Go to the application where you need to enter the details and paste the username from the clipboard into the correct field. Then go back to password management and repeat the procedure for the password.
  • Important. The clipboard is cleared at regular intervals by Keepass2Android for security reasons. This prevents other processes from using the cached data. Additionally, the application is blocked if it has not been used for a certain period of time. You can adjust the time periods yourself. To do this, go to the “Keepass2Android” settings menu and go to the “Security” section. Here you can set values ​​for clipboard lock and app shutdown time.

In order to manage your passwords on your PC, you will need a version

Password managers, which centrally store information about various accounts, perform several important tasks. When you use such a program, you only need to learn one password, which can be made really complex. In addition, you don’t have to be shy about choosing tricky, strong passwords for numerous accounts - the software will still store them.

Managers also allow you to synchronize password databases on different devices. Improving security without compromising usability is a great combination!

A key fob is a thing that allows you to lose all your keys at once. This is true for password managers as well. Therefore, approach the choice similar programs should be carefully. The vast majority of such applications are paid. Is it really impossible to do without extra costs? Of course you can. Today, only truly free Android products will hit the stage, not requiring the purchase of a subscription.


One of the most simple solutions app aWallet Password Manager. Essentially, it's a secure notebook for storing passwords without any additional automation. The program only offers the function quick copying information into the buffer, after which you need to go to the target application and paste the data into the desired field. A nice bonus: the software, although with some errors, has been translated into Russian.

The design of the application is emphatically modest, but, as people said, we can’t drink water off our faces, and we can live with a clumsy one. To manage passwords and other secret recordings serves as a directory. It already provides a number of categories for a quick start: “Web accounts”, “ Credit cards"etc. There is a built-in search for saved accounts. It must be said that the proposed categories can be edited and new ones can be added to them. Local database backup is supported.

In addition to free basic version There are also commercial ones. You can pay for the ability to import databases in CSV format, a built-in password generator, and also buy a subscription to aWallet Cloud, which is used to synchronize the database on different devices via the online developer service.


Perhaps the most popular free decision for working with passwords - this KeepPass. Several Android applications are built on its basis. KeePass Droid is a simple solution, the main advantage of which is its compatibility with desktop KeePass. Databases can be stored both locally and remotely. Passwords can be sorted using a hierarchical category structure. You can create them yourself, including nested ones. The program has a built-in strong password generator.


Application Keepass2Android it's more complicated. As you would expect, it understands the database format of the “desktop” KeePass, so it is possible quick start import ready base, if you have already used KeePass. The application is still under development preview version, So possibility of easy Reserve copy bases and their opening in the “desktop” KeePass gives some confidence. A wonderful feature of Keepass2Android is the ability to open databases directly from online storage. Google Drive, OneDrive and Dropbox are supported. In addition, the application can use FTP/SFTP and WebDAV. So you can organize synchronization of password databases without transferring your information to any to an external company, - everything remains in yours own storage facilities. It should be noted that Keepass2Android does not ask full access to online storage, modestly and tactfully content with access only to personally created files. If desired, you can store the database locally, on your mobile device. You can install plugins in the application. Work with QR codes is supported.

Folders-categories are used to sort data. You can create nested categories, edit records, including using your own additional fields. There is a built-in password generator, which is customizable. You can specify exactly how many and what characters should be in the password. Works in the database good system search.

In addition to the master password, you can use key file. This file provides good protection, however, it can be discovered and copied, unlike a password, which you can store in your own head. The option to quickly unlock a connected database allows you to use only the last three characters of the master password, which saves time when constantly accessing an already open database.

Saved accounts can be accessed in two ways. The first is copying and pasting into an external application via the clipboard. Keepass2Android provides a quick copy option. Second way - system menu, which offers applications for discovering various resources. When you select Keepass2Android, the program will prompt you to enter a master password, after which it will try to log in and open access. Convenient, but, unfortunately, sometimes difficulties arose here.

As you know, the clipboard can be accessed by third party applications, which creates a certain danger when copying sensitive information through a buffer. That's why Keepass2Android includes its own secure keyboard that prevents keyloggers from intercepting passwords. The keyboard, to be honest, is so-so, and in order to get the Russian language on it, you will have to wander around system settings. By default, it only understands English and Chinese.


Symantec is a fairly well-known company in the field of information security. She also did not ignore the problem of saving account information and created her own password manager. Application Norton Identity Safe It requires a Norton account to work, fortunately it is free.

A built-in secure browser is used to surf the network. Surfing goes without problems, sites are displayed quite correctly. For any open site, you can view its security rating, determined by Symantec based on reports of suspicious behavior certain resources. Security is also manifested in automatic scanning of traffic to detect viruses and phishing links. This is a unique feature among those in our review. Otherwise, the browser is very simple and inferior to market leaders. Norton Identity Safe offers to save passwords directly while surfing, the first time you fill out a form on a visited site. WITH external applications the program works through the system menu. For example, if you click on a link to a file that requires authorization to download, you can select the Norton Identity Safe option. The screen for entering your password or PIN will open. After authorization, the program will do everything itself. Of course, this option is not intended for creating new passwords, but for quick access to existing accounts.

The data is stored in a directory divided into several thematic parts. Separate lists are provided - for example, for pairs of logins/passwords, addresses (used when automatic filling forms with delivery addresses in online stores). The Wallet section is designed to store credit card data and other payment information. There's even a section for secure text notes. Records in the Wallet section can be linked to records from “Addresses” - this is good for purchases, since it immediately combines all the necessary data. You won’t get confused here and you won’t accidentally order something home from your work card.

There is a “Favorites” option in which you can save links to any frequently used entries: convenient when your catalog turns out to be really large. To quickly access the application database, in addition to the standard master password, you can set an additional PIN code. For data synchronization, the Norton online service is designed, additionally protected by two-step authentication.

Let's summarize. Frankly speaking, such a sensitive area as password security inevitably increases the degree of conservatism when choosing the appropriate tool. In my opinion, beginners deserve a chance, but it is better to use more or less proven software every day.

A brand new app is only interesting if it offers truly unique features.

So if you need good functionality and you are a supporter of free software, you are heading straight to the KeePass options. The KeePass Droid app has been on the market a little longer, but Keepass2Android is much more functional. Among purebred branded solutions, the most successful conditions and even a browser with built-in protection are offered by Symantec Norton Identity Safe. Overall it turned out pretty good free product from a famous developer. Otherwise, the functionality of the application is not record-breaking. However, such simplicity has its convenient sides: since the program’s interface is English, a large number of settings could create some inconvenience. If you want a free “firm”, this application is what you need.