• Skip to main content
  • Skip to header right navigation
  • Skip to site footer
Restore Privacy

Restore Privacy

Resources to stay safe and secure online

  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact
  • News
  • Tools
    • Secure Browser
    • VPN
    • Ad Blocker
    • Secure Email
    • Private Search Engine
    • Data Removal
      • Incogni Review
    • Password Manager
    • Secure Messaging App
    • Tor
    • Identity Theft Protection
    • Unblock Websites
    • Privacy Tools
  • Email
    • Secure Email
    • ProtonMail Review
    • Tutanota Review
    • Mailfence Review
    • Mailbox.org Review
    • Hushmail Review
    • Posteo Review
    • Fastmail Review
    • Runbox Review
    • CTemplar Review
    • Temporary Disposable Email
    • Encrypted Email
    • Alternatives to Gmail
  • VPN
    • What is VPN
    • VPN Reviews
      • NordVPN Review
      • Surfshark VPN Review
      • VyprVPN Review
      • Perfect Privacy Review
      • ExpressVPN Review
      • CyberGhost Review
      • AVG VPN Review
      • IPVanish Review
      • Hotspot Shield VPN Review
      • ProtonVPN Review
      • Atlas VPN Review
      • Private Internet Access Review
      • Avast VPN Review
      • TorGuard Review
      • PrivadoVPN Review
    • VPN Comparison
      • NordVPN vs ExpressVPN
      • NordVPN vs PIA
      • IPVanish vs ExpressVPN
      • CyberGhost vs NordVPN
      • Surfshark vs NordVPN
      • IPVanish vs NordVPN
      • ExpressVPN vs PIA
      • VyprVPN vs NordVPN
      • CyberGhost vs ExpressVPN
      • NordVPN vs HideMyAss
      • ExpressVPN vs ProtonVPN
      • Atlas VPN vs NordVPN
      • ExpressVPN vs Surfshark
      • NordVPN vs Proton VPN
      • Surfshark vs CyberGhost
      • Surfshark vs IPVanish
    • Best VPNs
      • Best VPN for Torrenting
      • Best VPN for Netflix
      • Best Free VPN
      • VPN for Firestick TV
      • Best VPN for Android
      • Best VPN for Gaming
      • Best VPN for PC
      • Best VPN for Disney Plus
      • Best VPN for Hulu
      • Best VPN for Mac
      • Best VPN for Streaming
      • Best VPN for Windows
      • Best VPN for iPhone
    • VPN Coupons
      • ExpressVPN Coupon
      • NordVPN Coupon
      • Cyber Monday VPN Deals
      • NordVPN Cyber Monday
      • Surfshark VPN Cyber Monday
      • ExpressVPN Cyber Monday
    • VPN Guides
      • Free Trial VPN
      • Cheap VPNs
      • Static IP VPN
      • VPN Ad Blocking
      • No Logs VPN
      • Best VPN Chrome
      • Best VPN Reddit
      • Split Tunneling VPN
      • VPN for Binance
      • WireGuard VPN
      • VPN for Amazon Prime
      • VPN for Linux
      • VPN for iPad
      • VPN for Firefox
      • VPN for BBC iPlayer
    • By Country
      • Best VPN Canada
      • Best VPN USA
      • Best VPN UK
      • Best VPN Australia
      • VPN for Russia
    • VPN Router
  • Password
    • Best Password Managers
    • Comparisons
      • NordPass vs 1Password
      • 1Password vs LastPass
      • NordPass vs LastPass
      • RoboForm vs NordPass
      • 1Password vs Bitwarden
      • Dashlane vs NordPass
      • 1Password vs Dashlane
      • NordPass vs Bitwarden
    • KeePass Review
    • NordPass Review
    • 1Password Review
    • Dashlane Review
    • RoboForm Review
    • LastPass Review
    • Bitwarden Review
    • Strong Password
  • Storage
    • Best Cloud Storage
    • pCloud Review
    • Nextcloud Review
    • IDrive Review
    • SpiderOak Review
    • Sync.com Review
    • MEGA Cloud Review
    • NordLocker Review
    • Tresorit Review
    • Google Drive Alternatives
  • Messenger
    • Secure Messaging Apps
    • Signal Review
    • Telegram Review
    • Wire Review
    • Threema Review
    • Session Review
  • Info
    • Mission
    • Press
    • Contact
If you buy through links on this site, we may earn a commission, which helps support our mission.

KeePass Review 2023 – Open Source, but Lacking Features

January 4, 2023 By Heinrich Long — 15 Comments
KeePass Review

Most major password managers we’ve reviewed so far follow a similar path: they utilize an intuitive, simple-to-use user interface (UI), provide different plans for different users, and offer their products at a tiered pricing model – making it easy to set up and scale up/down your plan if necessary.

At the same time, some aren’t particularly user-friendly nor pretty to look at, but once you overcome the initial learning curve you’ll find out that it’s a fantastic piece of software you can’t live without.

KeePass is one of those password managers and if you wish to find out more about it, keep reading this review.

We’ll start by saying that KeePass is cost-free, open-source, and able to give you complete control over your passwords and other sensitive data. It might not be the most user-friendly solution out there (to put it mildly), but it makes up for it with a high level of flexibility, customizability, and overall control.

WebsiteKeepass.info
PlatformsWindows, macOS, Linux, Android, iOS
Browser extensionsOnly via plugins
Free versionYes
EncryptionSHA-256
SupportCommunity forum
PriceFree

If you think that KeePass is worth a look, here’s a short list of its main pros and cons:

+ Pros

  • 2FA and MFA support
  • All data is encrypted on your device
  • Completely free and open-source software
  • Data encrypted in transit and at rest
  • Multiple sync strategies are available
  • Strong on security
  • Wide variety of powerful plugins

– Cons

  • No standard customer support channels
  • Not particularly beginner-friendly
  • Setup can be time-consuming
  • Outdated UI

KeePass feature summary

KeePass Main Features

Here’s a summary of KeePass core features:

  • Data is encrypted on your device
  • Data encrypted in transit and at rest (E2E) with AES-256, ChaCha20, SHA-256, AES-KDF, and Argon2
  • Encrypts the complete database
  • Multi-language support (with over 45 available languages)
  • Multiple optional sync strategies
  • Password import/export
  • Support for 2FA and MFA
  • Strong password generator
  • Password list can be exported to TXT, HTML, XML and CSV format
  • Plenty of powerful plugins
  • Works on Windows and Mono (Linux, macOS, and BSD) with plugins for other OS’ and browsers

Company information

KeePass isn’t published by a company. It is free and open-source (FOSS) software distributed under the terms of the GNU General Public License version 2 or later by the author, Dominik Reichl.

As often happens with FOSS software, while the core product is created and maintained by Mr. Reichl, much of the KeePass software is actually created and maintained by others.

Terms of Use, Disclaimer & Privacy Policy

The legal verbiage for KeePass is all available here in English and German. The portion of the document covering Privacy appears to comply with the EU’s GDPR (if you want to be sure, check for yourself).

KeePass does collect some user data. Session-related data is deleted at the end of the session. Some data is collected in logs. The data in the logs is either deleted after at most seven days, or anonymized if kept longer.

For more information, visit the KeePass Legal Documentation page.

Third-Party Audits

KeePass Awards

Given that third-party audits are expensive, and KeePass is free, I didn’t expect to find any such audits. However, as you can see on the Awards, Ratings, and Opinions page, KeePass was audited twice, most recently in 2016. This last was a code review by the EU’s Free and Open Source Software Auditing project, also known as EU-FOSSA 1.

While it would be great to see penetration testing results on KeePass, this code audit, along with the various other audits and awards on this page, are all positive signs for KeePass.

KeePass clients

There are KeePass clients for most operating systems and web browsers. Here’s what the Windows version looks like:

keepass windows

The user interface for KeePass doesn’t appear to have changed much since the birth of the product back in 2003. It appears that the developer has put his effort into improving the functionality of KeePass rather than the appearance. Given that he is a one-man band as it were, that approach makes a lot of sense.

Interestingly, only the Windows version is actually published by Mr. Reichl. All other clients are unofficial releases created by third-party developers. That can be confusing, but it also allows the KeePass ecosphere to evolve much faster than if one person had to do everything himself.

So how do you know which client to use? Your best bet is to go to the KeePass Downloads page and try out any of the Contributed/Unofficial KeePass Ports you find there for the device you are interested in.

You can find KeePass ports for the major operating systems, web browsers, and smartphones, as well as more exotic targets such as Windows Phone, PocketPC, BlackBerry, Sailfish, and others.

KeePass hands-on testing

I tested KeePass on an old Windows 7 machine. Since KeePass isn’t set up to sync between multiple devices by default, I did not attempt to set this up.

There are several approaches you can use, involving various levels of manual configuration. If you decide to use KeePass on multiple devices, you’ll need to go to this page to learn about how KeePass synchronization works and configure one of the sync methods yourself.

Note: KeePass 1.X and 2.X are available for download. Following the publisher’s advice, this review covers KeePass 2.x.

Installing KeePass

I downloaded the installer for KeePass 2.43 from the Downloads page and ran that. The installation was pretty standard at first, but became a bit confusing when it required me to specify where the passwords should be stored and what the file should be called, followed by creating a Composite Master Key:

keepass master key

I can see a typical user throwing up their hands at this point and deciding to try a different product.

After creating the Composite Master Key (which is required to get access to your stored data) I was able to view the empty Windows client, which looks like this:

keepass review for windows

Adding login credentials to KeePass

With the client up and running, it was time to add some login credentials. KeePass gives you two ways to add login credentials.

  1. Import credentials from your web browser or another password manager;
  2. Enter credentials manually.

Note: While we are talking about Login Credentials here, you can enter any other data into KeePass the same way.

Unfortunately, KeePass does not have a feature to capture login credentials. You need to enter the data manually whenever you log in to a site and the data isn’t already in KeePass. While this approach gives you complete control over what and how gets added to KeePass, you may find this to be more of an annoyance than a feature.

Importing login credentials

KeePass can import data from numerous other password managers, as well as Google Chrome and Mozilla Firefox. I tested this capability by importing all my data from Bitwarden. The process only took a couple of minutes and even replicated my Bitwarden folder structure so all my passwords and notes remained organized.

Adding login credentials manually

To add login credentials manually, open KeePass and click the Add Entry button, or press the CTRL+I keyboard shortcut. The Add Entry window appears, and looks like this:

keepass add entry

Enter the username and password you want to use in the provided fields. KeePass will generate a Quality score for the password you enter, making it easy to ensure that you don’t create a weak one.

The best way to avoid creating weak passwords is to use the KeePass Password Generator. Click the Generate a Password button (circled in red in the preceding image) and in the menu that appears, select Open Password Generator.

KeePass password generator

The password generator in KeePass is very powerful and customizable (just like the rest of the product), with tons of options.

keepass password generator

Despite the tons of available options, in most cases, you can just use the default settings, which will give you a very secure password with no fuss or bother.

Auto-type to fill in fields

Wait! We’re not done yet.

KeePass takes a very different approach to enter your data into a web page than other password managers. Whereas they just automatically enter the data into the relevant fields on the page, KeePass Auto-Types on the page.

The system is a little complicated, but the idea is that you give KeePass the exact sequence of keystrokes you would use if you were logging into the site by hand. You program this sequence of keystrokes on this tab in the Add Entry window:

keepass auto type

This may seem like a crazy way to do things. It does make setting up most passwords harder than with other products. The benefit is that you can set up KeePass to work with virtually any login screen, no matter how complicated. You’ll have to decide for yourself whether this is a benefit or a reason to look elsewhere.

Working with your passwords and other data

Once you’ve got login credentials and other data into KeePass, how do you work with that data? Open up KeePass and select the database that contains the data you want to work with. All the data entries are visible when you select the database itself. Or you can select the folder that contains the type of data you are looking for (Secure Notes, for example), and find the correct entry there.

Double-click the entry to open the Edit Entry window. The window is virtually identical to the Add Entry window we looked at earlier, which means you can view or edit anything about that entry in this window.

KeePass in action

To get KeePass to enter your login credentials onto a web page, you need to do a bit more work than with other password managers. Since it is a standalone app instead of a browser extension, you have to tell KeePass what page it needs to fill in.

To get KeePass to enter your Login Credentials, follow these steps:

  1. In your web browser, navigate to the page you want to log into.
  2. Open KeePass, and select the entry for that page.
  3. Click the button circled in red in the following image:
keepass auto type activate

Once you do this, you will see KeePass literally type the data into the appropriate fields and log you in.

Additional KeePass features

Considering that KeePass has over 100 plugins and extensions that you can use with it, talking about additional features doesn’t make a lot of sense.

Aside from the ability to automatically capture Login Credentials (which doesn’t really make sense given the design of KeePass), if you can think of some feature that you would like KeePass to possess, you can probably find a plugin or script that can give you that feature.

There is also a large list of available plugins and extensions.

Background of KeePass

KeePass started its journey as a Windows program. It is written using the programming language C#. C# is a fine language, but it requires some special code from Microsoft (the .NET framework). This makes porting KeePass to other operating systems complicated, requiring yet more specialized software to make it all work. Even with that, KeePass running on other operating systems looks like an old Windows program, rather than a modern Mac or Linux app.

KeePassX was created several years ago to be a Linux version of KeePass named KeePass/L. In 2006, the developers decided to make KeePassX into a cross-platform app (one capable of running on multiple operating systems). Unfortunately, development work on KeePassX stopped in October of 2016.

This caused a group of KeePassX fans to create their own version (a fork) of KeePassX, called KeePassXC.

Meet KeePassXC: The KeePass Cross-Platform Community Edition

KeePassXC Landing Page

Here’s how the developers describe KeePassXC:

“KeePassXC is a community fork of KeePassX, a native cross-platform port of KeePass Password Safe, with the goal to extend and improve it with new features and bugfixes to provide a feature-rich, fully cross-platform and modern open-source password manager.”

To make this happen, KeePassXC is written in C++, which makes it possible to run natively on Windows and non-Windows operating systems.

KeePassXC can read KeePass password databases, making it easy to migrate your passwords over. That said, they are definitely distinct products. The following table lists some of the differences:

keepass vs keepassxc

You can consider KeePassXC as a great alternative to KeePass if you want to run your password manager on multiple operating systems, or you need one of the features in the preceding table. You might also want to consider that KeePassXC is being developed by a team (five members currently), while KeePass is a one-person project.

KeePass Support

KeePass Help Center

Since KeePass is created and maintained by the author, there isn’t a support team like you would get with other password managers. That means no phone support, no Twitter, and no email. If you need help with KeePass, the place to get it is in the KeePass forum on SourceForge.

The other resource you can use if you have problems is the KeePass Help Center.

There is a lot of detailed information here about every aspect of the product. However, much of the information is pretty technical, and may be somewhat confusing for regular users.

Is KeePass secure and private?

KeePass is powerful and flexible. But is your data secure and private if you entrust it to KeePass? Let’s see…

Security

Your KeePass data should be secure against any attacks. It uses AES-256 or ChaCha20 encryption for your data, SHA256 for your key, and further protects against attacks on your password using AES-KDF or Argon2.

Privacy

As we saw during my review of the Privacy Policy, KeePass does collect some data and can hang onto it for a little while. But this is pretty standard, and as the policy says, the data they log is the minimum needed to make the site function. Even this minor risk is mitigated by two points:

  1. KeePass is open-source software. Anyone can examine the code. Since KeePass has an active community of users and developers, it seems likely that someone would notice if there was anything objectionable in the code.
  2. There is no KeePass corporate cloud where your data is stored. About all someone can determine from an attack on KeePass is that you have an account.

How much does KeePass cost?

Nothing. Zip. Nada. That’s right, KeePass is totally free, and so is KeePassXC. However, if you appreciate the work they are doing, both teams will accept donations.

To learn how to donate to KeePass, click here.

To learn how to donate to KeePassXC, click here.

Is KeePass the right password manager for you?

KeePass might not be the right password manager for most people. It is extremely powerful and flexible, but it is also complicated to set up and use.

It is really more of a tool for a software developer, engineer, or other highly technical person who is willing and able to invest the time and energy needed to make the best use of KeePass.

KeePass Alternatives

What password manager should you look at if KeePass doesn’t meet your needs? If you like KeePass, but are concerned with cross-platform compatibility, check out KeePassXC. It is very similar to KeePass, and can read and write the same data. But KeePassXC is designed to run natively on all platforms, does not use Plugins, and simplifies synchronization between devices.

If you like that KeePass is open-source software, but it is too complicated for you, check out Bitwarden. It too is open-source software, but it is far simpler to use than KeePass.

If you like how feature-rich KeePass is but don’t like the complexity, you might like Dashlane. It isn’t open-source, but it is heavy on features, yet much less complicated than KeePass.

KeePass FAQ

Can KeePass be trusted?

Yes, it’s safe to say KeePass is considered secure. With military-grade 256-bit AES or ChaCha20 encryption to safeguard your data, SHA256 for your keys, and AES-KDF or Argon2 as an additional layer of security, your data should be secure against any cyberattacks. Also, your data doesn’t get stored in a cloud which is another plus for overall security. 

Is KeePass free to use?

Yes, KeePass is freeware, which means it’s completely free to download, install, and use. What’s more, it’s an open-source solution as well – its source code can be seen, modified, and shared by anyone. This is why we have access to tons of free plugins for KeePass, many of which are pretty powerful.

 Can KeePass be hacked?

If your device gets infected with malicious software, yes, your KeePass could get hacked. However, given that it employs first-rate types of encryption and there’s no third party to exchange sensitive data with, it’s unlikely to happen. That being said, in 2019, some serious vulnerabilities were discovered in the code of several password managers, KeePass included. Fortunately, this affected Windows 10 users only under the condition that specific malware was installed – and sensitive no user data was stolen. 

Can you get locked out of KeePass?

Unfortunately, yes you can, and if you do, you’re out of luck. With KeePass, you secure your vault with a master password and a so-called key file, so if you somehow manage to forget/lose any of these key components, all your stored data is lost to you. There’s no backdoor, no universal key, no password reset tool, nothing. While cracking your KeePass database could spring to your mind, that might not be the best idea considering KeePassp’s strong protection against brute force attacks and password cracking attempts.

KeePass review conclusion

If you’re looking for a way to store all your passwords on a single computer, KeePass might be worth considering.

However, unless you possess some level of technical know-how that will allow you to tweak it a bit and utilize its full potential, KeePass won’t give you much besides the bare-bones functionality.

It’s also not as straightforward to use as other (mostly proprietary) password managers on the market – so, non-techies stay away.   

On the other hand, if you’re a skilled software developer, cybersecurity professional, or otherwise tech-savvy user who doesn’t get intimidated by the technical nature of software, KeePass should be on your to-do list. With a wide variety of powerful plugins and a committed community, KeePass can be customized to fit any sort of organization.  

Those who want to run their password manager on multiple OS’ should consider KeePass’s first cousin, KeePassXC – it’s somewhat simpler to use but beware of its limitations. 

To find out what are our top picks for the best password managers, check out our guide.

And if you wish to check some of KeePass’s competitors, here is the full list of our password manager content:

  • Bitwarden Review
  • LastPass Review
  • KeePass Review
  • NordPass Review
  • Dashlane Review
  • 1Password Review
  • Best Password Managers
  • How to Create Strong Passwords

This KeePass review was last updated on January 4, 2023.

About Heinrich Long

Heinrich is an associate editor for RestorePrivacy and veteran expert in the digital privacy field. He was born in a small town in the Midwest (USA) before setting sail for offshore destinations. Although he long chafed at the global loss of online privacy, after Edward Snowden’s revelations in 2013, Heinrich realized it was time to join the good fight for digital privacy rights. Heinrich enjoys traveling the world, while also keeping his location and digital tracks covered.

Reader Interactions

Comments

  1. Achkar

    December 30, 2022

    I use Keepass and change file names to the password library and.key. I only trust my own computer. Don’t trust cloud, password managers in all their forms. You will find it very strange. Sometimes privacy and security are sacrificed for convenience. Sometimes convenience is sacrificed for privacy and security. Where is the balance?

    I used to use Keepass XC, but I now think that its interface, operation, and software optimizations are deliberately done by developers to slow down users. I use its password generator to open the door. But I don’t like it now. The upper limit of password generation is only 999

    KeePass password generation, through the numeric input can be more than 30,000, even 31 groups of passwords at a time. But the password library is limited to 2000 words or less. More than that will crash. The higher the password, the more secure it is. As long as there are no backdoors, surveillance, middlemen. What’s a problem that can’t be solved with a longer password? Reject any form of brute force. In a variety of web pages using 2FA, manually enter one at a time to restore the code using light. Don’t give the brute force breakers a chance

    Reply
  2. Ayumu Uehara

    October 31, 2022

    More KeepassXC tips and hidden gems here: [https://phauer.com/2022/keepassxc-tips-hidden-gems/]
    – Autofill.
    – 2FA
    – Entry notes.
    – Store sensitive files.
    – Set decryption time.
    – Download favicons.

    Reply
  3. ?

    July 12, 2022

    KeePassXC is a lot safer and secure on Linux.

    Reply
  4. S

    March 3, 2022

    Is a hardware key the only 2FA option for KeepassXC?

    Reply
  5. SomeDude

    February 23, 2022

    Been using KeePassXC for a couple years now. Note that I’m a network/server admin. It’s probably not for most people but is pretty darn easy to figure out if you spend around 20-30 minutes familiarizing yourself with the program. It’s powerful but kind of tedious to set up as you need to manually input entries. This is to be expected obviously. On my end I handle syncing of the database to other PC’s and my phone using syncthing. Also not a novice piece of software. Keepass2Android is the app I use on my phone. My 2 cents. It’s powerful and incredibly easy. Probably not for the novice though. The syncing of the database will probably be a deal breaker for most.

    Reply
  6. Max

    May 29, 2021

    Is Keepass DX on android from the same developer?

    Reply
  7. Annoyed with paying for inferior PW Managers

    March 1, 2021

    “I would slightly disagree with Heirich on this small issue re ‘target audience’: I am really not a computergeek at all, but I found Keepass really easy to use!

    “I really think this is something for beginners. you don’t need to program or anything etc.”

    I agree.

    I have used RoboForm, LastPass, 1Password, and looked over the Dashlane website trying to find an EASY TO USE, secure password manager on my Windows 10 PC. Based on the reviews that KeePass was difficult, I tried KeePass last just to see how difficult it was.

    From the beginning it was EASY. LOL I kept expecting to run into something that was NOT intuitive.

    Everything on KeePass 2.47 worked and was located exactly where my NONGeek mind expected it to be.

    From installation, to setting the master password, to importing all my passwords, to adding a plugin, KeePass was easier to use than all those so-called “better, user friendly” password managers.

    I love KeePass.

    It looks dated, but it easier to use and functions best.

    KeePass is free, but I now donate to KeePass what I had been paying for RoboForm.

    Reply
    • dave1066

      July 24, 2021

      I agree. I am a not very computer literate Linux user but I realised that using LastPass or any online password manager for serious stuff was mad.

      It is a bit unsmooth, and even the link with the browser (Firefox) can be scratchy. So you do have to open up KeePass when using your computer. Loads of passwords I don’t bother to put in KeePass; they can stay with Firefox. But for the important stuff it is very good.

      I sync the KeePass data base between devices and that keeps them uptodate and backed up.

      Reply
  8. Tommy

    December 16, 2020

    It doesn’t have to be so frustrating when use KeePassXC. I find it easy to use and I love it. It is strong and flexible. Just follow the instruction on https://ssd.eff.org/en/module/how-use-keepassxc.

    Reply
  9. Myki

    September 18, 2020

    Keepassxc is best ever password manager. I am just not a computer geek and I liked its interface, features, security everything. You can generate passwords with any custom characters. You can use best encryption with maximum iterations. Data can be retained local or on cloud (your choice). It’s free. They are even planning to move in future for Argon 2id which is considered most secure algorithm ever. It has password expiry date for every entry so you can set that to update every password frequently. It is open source. Integration with haveibeenpwned is there. Database health reports are there.
    What not to love. Why to give money to Dashlane and 1password when their security and every feature is below the level of keepassxc. 1Password has just one feature Watchtower which can be considered an offering. Dashlane has nothing to offer in terms of features.
    1Password and keepassxc both can have master password and keyfile. Dashlane even don’t offer this functionality. 1Password even don’t use argon2.
    So all in all KeepassXC is well beyond any password manager. There is only Bitwarden that can come close to it but that is also inferior to it as you don’t have an option of local data storage.

    Reply
    • Myki

      September 18, 2020

      And one important thing this review of mine is based on my experience. I have used Dashlane for 3 years, 1Password for 1 year, Bitwarden for almost 3 months. Then I came to know about keepassXC and never looked back. Yeah I forgot to mention there is a new kid in town Myki which may become popular too.

      Reply
  10. A747

    January 25, 2020

    Have been using Keepass in various versions for 4-5 years now, initially Keepass version 2; then, more recently KeepassXC (as using Linux, I didn’t want to be dependent on Mono which is required to run Keepass2 on Linux and possibly a small security risk)

    I would slightly disagree with Heirich on this small issue re ‘target audience’: I am really not a computergeek at all, but I found Keepass really easy to use!
    I really think this is something for beginners. you don’t need to program or anything etc.

    Yes, for obvious reasons, you must have several backups of your database!

    KeepassXC is actively developed and has an excellent browser integration which works very well (as does have Keepass 2 – but perhaps the solution used by Keepass2 – KeePassHTTP-Connector – is perhaps not quite as secure) – so for this reason I am using KeepassXC
    obviously if you have a windows machine perhaps Keepass2 is the version to use…

    Please note that the autotype feature is at times really helpful; for example I have one online bank account that does not allow copy and paste of passwords (!); so I wish you good luck if you have to type a secure/complex password like E8,’2#pYHTZ,CzGto!s=(^<8Gr: … rather than being able just to copy/paste!

    The other major advantage is as compared to a remote password manager hosted on a company's server that you're ok to use this even if no internet connection – or their server down (remember Lastpass?) . That sounds obvious but , is your own internet 100% reliable?? – or you might just want to have access to some otherwise encrypted info or passwords if you need access to your backups on encrypted external hard disk etc.
    Before the Lastpass outage I wasn't sure if I should also go for a commercial password manager but this incident has convinced me to keep Keepass – forgive the pun 🙂

    Reply
  11. Ray

    January 24, 2020

    I’ve used Keypass and I now use KeypassXC. I’m switching back to Keypass however as the interface, while admittedly looking older, is more intuitive. KeypassXC has some really bloomin’ annoying parts to it.

    Reply
  12. RegularGuy

    January 23, 2020

    Why is “No master password recovery options” negative? If we had this option wouldn’t it be easier to hack the file? Thanks for the review. I’ve been using it for a few years and I’m satisfied with its features

    Reply
    • Ben

      May 18, 2020

      I agree that “No master password recovery” is not a negative, as it means there is no potential backdoor. I have been using keepass for a long time as well and love it!

      Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Restore Privacy Checklist

  1. Secure browser: Modified Firefox or Brave
  2. VPN: NordVPN (68% Off Coupon) or Surfshark
  3. Ad blocker: uBlock Origin or AdGuard
  4. Secure email: Mailfence or Tutanota
  5. Secure Messenger: Signal or Threema
  6. Private search engine: MetaGer or Brave
  7. Password manager: NordPass or Bitwarden

About

Restore Privacy is a digital privacy advocacy group committed to helping people stay safe and secure online. You can support this project through donations, purchasing items through our links (we may earn a commission at no extra cost to you), and sharing this information with others. See our mission here.

We’re available for Press and media inquiries here.

Restore Privacy is also on Twitter

COPYRIGHT © 2023 RESTORE PRIVACY, LLC · PRIVACY POLICY · TERMS OF USE · CONTACT · SITEMAP