KeePass is a unfastened and open-source password supervisor that’s been round for twenty years. Since its unlock in 2003, the password supervisor’s talent so as to add user-generated plugins and extensions has made it a well-liked choice for tech lovers over time.

While KeePass provides respectable and protected password garage, its dated design, loss of conventional password seize and replay and unintuitive utility make it laborious to suggest towards extra fashionable password managers.

KeePass pricing

KeePass is an absolutely unfastened password supervisor that doesn’t have any paid tiers or subscriptions. This is against this to competition like Bitwarden and Dashlane, that experience unfastened variations however are restricted in options in comparison to their paid opposite numbers. For instance, Dashlane’s unfastened model simplest lets in for a most of 25 passwords—because of this you must pay for a subscription to retailer extra logins.

One large distinction between KeePass and different password managers is that a large number of options aren’t integrated out of the field. Instead, customers can customise their KeePass consumer’s function set by way of downloadable plugins from the password supervisor’s website. Plugins are to be had for functions equivalent to uploading and exporting passwords, knowledge backups and auto typing.

Is KeePass protected?

Yes, KeePass is protected. It makes use of the gold-standard AES-256 encryption for its database and consumer vaults. I really like that KeePass encrypts the entire database, because of this that now not simplest are passwords encrypted but additionally different pieces equivalent to usernames and notes.

KeePass is open-source, permitting the general public to ensure its supply code for conceivable vulnerabilities or safety holes. This is a huge function for privateness lovers, particularly those that price transparency, because it shall we the customers and professionals collaborate with KeePass in retaining it a protected device to make use of.

As of January 2024, KeePass had now not been enthusiastic about any knowledge breach or hack. The password supervisor has been audited within the European Commission’s Free and Open Source Software Auditing (EU-FOSSA 1) venture, which confirmed that it had 0 safety problems.

KeePass additionally stocks that its device is put in by way of default on all PCs of the federal management of Switzerland and is advisable by way of the Swiss Federal Office of Information Technology, Systems and Telecommunication. I in finding that it is a significant vote of self belief, particularly since Switzerland’s govt is understood for its robust privateness rules.

Key options of KeePass

Aside from password garage and password technology, KeePass comes with a couple of key options that make it distinctive in comparison to different password managers.

Library of plugins and extensions

Figure A

One of KeePass’ greatest promoting issues is the power to obtain and upload plugins for each and every consumer’s KeePass consumer. These plugins upload extra options or alter current capability, equivalent to letting customers import or export other record codecs, converting the KeePass consumer interface or including autofill functions.

Right now, there are greater than 170 downloadable plugins at the KeePass web page. This is best for customers who price with the ability to customise their password supervisor and its function set.

For me, I want a password control answer that already comes with devoted options with no need to fret about including them after the preliminary set up. If you’re like me in this, 1Password or NordPass are password managers with a ton of integrated options.

Local-device password control

Figure B

Another standout function from KeePass is that this can be a utterly native password control device. This implies that your whole passwords and kept credentials are encrypted domestically for your laptop or machine of selection. This is against this to different password managers that retailer passwords within the cloud, like 1Password or LastPass.

If you’re paranoid about cloud-based password managers most likely being enthusiastic about an information breach and leaking your knowledge, KeePass generally is a nice answer since the entirety is kept domestically. You can learn our LastPass assessment to be informed extra about how knowledge breaches can have an effect on a password control answer.

KeePass’ all-local implementation generally is a drawback because you gained’t have the ease of simple get right of entry to for your passwords on more than one units in the course of the cloud.

Auto-Type capability

Unlike most current password managers, KeePass doesn’t have a traditional autofill function. What it does have is Auto-Type—an international auto-type hotkey which robotically varieties out credentials to your selected account pages.

Figure C

Auto-Type works by way of having KeePass open within the background, switching to the web page and robotically typing out your login credentials after you hit a selected keyboard shortcut. This is adverse to different password managers that robotically fill out the username and password fields by way of a browser extension or as a clickable button via a pop-up icon.

While seeing KeePass robotically variety out my password used to be cool to start with, I did in finding it actually finicky to make use of after a couple of occasions Because I needed to manually set the collection through which the login credentials are to be typed, i.e. if the username or password is going first, there have been occasions that KeePass couldn’t variety my main points in the correct fields.

Despite Auto-Type being a novel celebration trick that I haven’t encountered on different password managers, I in truth discovered manually copying and pasting from the KeePass consumer to be a greater selection.

KeePass authentication and safety choices

KeePass comes with two major multi-factor authentication (MFA) choices: key record and linking a Windows consumer account. A key record is a record that you’ll be able to save both for your laptop, USB flash force or every other machine, which acts as an extra requirement in tandem along with your grasp password to get right of entry to your database.

Figure D

You can set your KeePass vault or database to simply open if you happen to’re logged into a selected Windows consumer account. I might have most well-liked it if KeePass had extra MFA choices like 1Password’s fingerprint verification or NordPass’ authenticator app integration.

While you’ll be able to obtain two-factor authentication (2FA) or One-Time Password (OTP) plugins, I feel having those authentication choices baked inside the app itself is extra consumer pleasant. This saves customers the time of getting to pick out which plugin is the most productive, particularly since maximum competition have those readily to be had as soon as put in.

For safety choices, I really like that KeePass has a timer for each time you replica passwords off your database. At default, KeePass robotically eliminates any copied credential from the clipboard after 12 seconds.

There also are other Enforce Options that assist you to set whether or not you wish to have your KeePass database to robotically lock after state of no activity or have KeePass provide you with a warning each time a key transformation surroundings is vulnerable.

Figure E

KeePass interface and function

KeePass’ desktop consumer interface (UI) falls flat in each design and simplicity of use. Its design is dated and appears somewhat like legacy-Windows programs from the 2000s. I want password managers with a swish and fashionable UI.

Figure F

KeePass’ utility may be now not the perfect password supervisor to make use of and be told. Once I put in the applying, I were given a clean dashboard without a integrated information. There wasn’t a transparent instructional on how you can save my first password or use any of KeePass’ options.

Fortunately, there are video tutorials, guides and discussion board posts on-line that define how you can use KeePass. However, I don’t suppose the password supervisor must sacrifice ease-of-use to get to their purpose of customizability.

In phrases of efficiency, I had no bother including new password entries within the KeePass app. The integrated password generator additionally labored with none factor and I really like that there’s no prohibit to password characters.

It’s unlucky that KeePass doesn’t have conventional autofill and password seize and replay capability. Without any plugins, you must manually enter login credentials to save lots of new usernames and passwords. This provides an additional step to the method in comparison to one thing like Keeper’s KeeperFill function that robotically saves and fills in new logins upon introduction.

KeePass cell app

KeePass doesn’t have its personal proprietary iOS or Android cell utility. However, it acknowledges user-generated cell ports of its carrier.

Figure G

This supplies customers a ton of choices with regards to KeePass cell programs. However, because of this there’s no assurance {that a} given cell app can be supported long-term. Each cell port may also have various ranges of high quality, so your mileage would possibly range.

KeePass execs

• Completely unfastened password supervisor.
• Open supply and protected.
• Highly customizable.
• Downloadable user-generated plugins.

KeePass cons

• Hard to be informed and now not user-friendly.
• No autofill function integrated.
• Auto-Type is somewhat clunky.
• Multi-factor authentication choices are separate downloads.
• Design appears somewhat dated.
• No reliable cell app.

KeePass possible choices

If you in finding that KeePass isn’t a just right are compatible, I’ve indexed 3 selection password managers which might be price a take a look at.

Bitwarden

If you wish to have a cloud-based password supervisor with a beneficiant unfastened model, take a look at Bitwarden. Bitwarden’s unfastened model lets in for limitless password garage and get right of entry to on an infinite choice of units. You additionally get robust zero-knowledge encryption and reasonably priced pricing on its paid plans around the board.

NordPass

NordPass is an all-around password supervisor that doesn’t have many faults. It has an intuitive consumer interface, plans for each unmarried customers and industry and independently audited programs. It additionally makes use of the protected and extra fashionable XChaCha20 encryption set of rules.

1Password

For avid vacationers, 1Password generally is a nice pick out. It comes with a to hand Travel Mode function that shall we customers conceal make a selection vaults each time they trip. This is on best of its graceful desktop UI and robust AES-256 encryption. 1Password additionally supplies 14-day unfastened trials throughout all its plans that permits you to check their carrier.

Who is KeePass for?

KeePass is for customers who need a password supervisor they may be able to personalize. With its huge library of downloadable plugins and extensions, KeePass generally is a very tough device for the ones keen to make the effort to maximise its functions.

It’s additionally a just right pick out for particular person customers who’re cautious of cloud-based password managers and need a protected technique to retailer their passwords domestically.

However, its lower than pleasant consumer interface, clunky auto-type function and loss of conventional password seize and replay make it laborious to suggest towards different best password managers out there. Its locally-stored password garage additionally makes it laborious for organizations or companies to undertake it as a company-wide password control answer.

Review method

My assessment of KeePass concerned an in depth research of its security measures and real-world efficiency. I used KeePass on my non-public Windows computer for checking out and hands-on revel in.

I rated KeePass on the entirety from its password control options to its ease of use according to an inner set of rules to get a ranking of three.2 out of five stars. The scoring used to be founded each on KeePass by itself and on the subject of different password managers.

roosho Senior Engineer (Technical Services)

I am Rakib Raihan RooSho, Jack of all IT Trades. You got it right. Good for nothing. I try a lot of things and fail more than that. That's how I learn. Whenever I succeed, I note that in my cookbook. Eventually, that became my blog. 

See Full Bio

IT Support Specialist Server and Storage Specialist Dell MidRange Storage Solutions Specialist