Password Safe is a small open source software for Windows (and soon Linux) that allows you to securely store your passwords. Designed by Bruce Schneier, one of the world’s foremost cybersecurity experts, it is super basic, available in multiple languages, and uses Twofish encryption algo with a 256 bit key.
It’s really tough and because the code is open, it is constantly being tested.
Password Safe is Yubikey compatible for two-factor authentication, and unofficial apps for Android, iOS and macOS are also available.
On Windows, the tool can be installed, but is also available in a portable version, including without the use of the registry to be able to carry it around on a USB stick.
The PWSafe base can be saved or synchronized if you want to upload it to a Dropbox or equivalent. You can also import or export your credentials from or to formats like TXT from Keepass, CVS Keepass, XML… etc.
As for backups, you can even automate this by going to Options -> Preferences -> Copy backups. From there, you can set the automatic backup, the location of the backups, their frequency … etc., Etc. Remember of course to deport these backups elsewhere than on your computer in case it is destroyed by an asteroid or a seagull attack.
In addition, it is possible to merge or compare several PWSAFE databases if at any time you need to find your way between several databases. Convenient !
No extension for the browser, but small buttons that you can use to drag and drop the login, password, etc. in the web or application fields provided for this purpose.
The client always locks your keychain file and you can open it using the password which you can also enter with a virtual keyboard to avoid potential keyloggers.
If you are a horse (Hiiiiiii) on the password strategy, know that you can configure everything with small onions and put that by default.
You will understand Password Safe is quite similar to Keepass by virtue of its functioning 100% software compiled in C ++ and capable of operating offline (and not an online service or a script to be deployed on a server like Bitwarden).
Obviously, if you lose your master password, and congratulations, it’s totally screwed up for life. So, memorize the good and preferably go for a nice passphrase.
Also note that Password Safe is able to log passwords. It’s up to you to configure this behavior in Options -> Preferences -> Password history.
Password Safe may seem quite limited, but be aware that many third-party projects have emerged that are capable of using the keychain format.
Password Safe on Mobile
For mobile, you can opt for the iOS Pwsafe client developed by App77 which syncs with iCloud or Dropbox, offers Touch ID / Face ID unlocking and the ability to add new entries or have multiple keychains.
For Android, there is also this client called PasswdSafe which can also be synchronized via your favorite cloud service. He also knows how to manage Yubikey NEOs for double authentication.
You will also find on this page compatible clients sometimes read-only, sometimes read / write. Whether it is online ports for Linux, Go, Python, Java, Perl, but also Perl modules, Python libs… etc. For your custom developments.
If you want, you can have fun with the self-host web version that will give you access to your Password Safe keychain from your server. And I don’t forget the ports for BlackBerry, Windows Phone (Rip), Windows 10 UWP (Universal Windows Platform) either. In short, something to have fun.
What about the command line?
You can use Pwsafe from the command line, but it’s a bit of a hassle. On the other hand, an interesting trick is that it is able to interact with other applications to pass a login / password as an argument.
I return this page to you for more details.
If you are looking for a standalone tool for Windows including a USB key, Password Safe is probably worth trying. It seems limited in functionality at first glance yet if you scratch a little in the options and documentation, you can see that it has nothing to envy to the competition of password managers. The fact that it is open source allows everyone to freely audit the code and Bruce Schneier’s involvement in the project reinforces the seriousness of PwSafe.
There is of course no way for a third party, not even the developers of Password Safe, to recover a password from a locked keychain and the tool.