- Open source
- Large number of plugins
- Ideal for developers
- Ugly interface
- Steep learning curve
- No direct support
Password managers are now an essential part of home security, enabling you to keep your credentials safe and all stored in one place. However, not all password managers are alike; in fact, some, like KeePass, differ considerably from the polished systems produced by big tech companies. Made back in 2003 by German developer Dominik Reichl, KeePass is one of the oldest password managers to have withstood the time test, seen off competition, and spawned its own spinoffs. KeePass is able to securely store an unlimited number of passwords and has an auto-type function to input all your details for you. KeePass is open source software and there’s a vast number of third-party plugins that will enhance your experience. KeePass does all of this for free, so you won’t ever have to pay a single penny.
Your first experience with KeePass will make you feel like you’ve been transported back to a simpler time when Napster was popular, people communicated on AIM, and all software looked like an ugly grey box. Yes, KeePass hasn’t changed cosmetically since those early days and for users used to the slick, colorful apps of today it might be a bit jarring at first. Don’t judge a book by its cover though, as under the hood is a very powerful password manager. KeePass is only available in its default version as a Windows app and despite its retro appearance, it is able to store all the credentials you need. You can group your passwords in folders, add expiry dates, as well as attach files.
The password generation for KeePass is a very powerful and flexible tool allowing you to create passwords whichever way you like. You could even have a password of up to 30,000 characters if you want but obviously this might be overkill when approximately 16 characters is often recommended. KeePass will also asses the strength of your password and even tell you the file size.
KeePass doesn’t let you share passwords directly since everything is stored locally. However, there are a few ways of achieving the same end result. By having the KeePass password database saved on a server or on a shared network drive, multiple users can access the same credentials.
KeePass doesn’t do autofill the same way many other password managers do. Instead of a browser extension detecting a website and inputting your data for you, KeePass instead uses an autotype mechanism. It’s a more complex way of doing things but it has its advantages too. Autotype requires you to input your own keystroke sequence which differs for each website; for example, you’ll want to use your username, tab button, your password, and the enter key in that order. Of course, each website is different so this can become a pain, but the main advantage is that it enables you to login into any website at the press of a button where some password managers fail to get to grips with more complicated login processes. Like so many features of KeePass, it rewards those who put the hard work into it.
Apps & Browser Extensions
Technically KeePass is only available for Windows but due to its open source nature there are ports for just about every possible platform including macOS, Android, iOS, Chromebook, Linux, and for web browsers. All of these are contributed independently and may differ in features and appearances, but they all use the same KeePass core so you shouldn’t have a problem accessing the same database when you switch between them. All of these are ready to download directly from the KeePass website, so you know they’re approved by the developer.
There are a vast number of plugins and extensions that will upgrade your basic KeePass model and turn your regular app into a powerful password manager. You’ll be able to find extensions that add cloud storage synchronization, increased transfer capabilities, and plenty of other features you can add to improve the functionality. It would be nice to have themes to download to make it easier on the eyes but of course, practicality is the most important.
First users will have to choose whether they want to install KeePass 1.x or KeePass 2.x – there’s little reason to go for the older version unless you’re a Mac user who wants a Wine-compatible option since the newer version requires the use of Mono for macOS instead. You’ll next need to set up the master password for your database – you’re able to choose either a standard password or alternatively KeePass allows you to use a key file. With the key file option, you won’t have to type in a long master password every time, the key file works as your password in the form of a file. This means you could have a file stored in a USB stick that you take with you everywhere you go so no one will be able to access your credentials. If you’re really worried about security, you can use both of these methods to require entry to your database.
Importing passwords covers a huge range of files so if you have been using another password manager you shouldn’t have an issue importing anything. Not only is there a large amount of default ways of importing data, but many plugins also provide further options for the few that are not already covered by KeePass. Exporting your passwords is done via a text CSV which is standard, so you shouldn’t have any problems if you wish to convert and go elsewhere.
Security & Privacy
Everything stored in your KeePass database is encrypted locally and no data is stored on a server. KeePass uses industry-standard AES-256 encryption as well as Twofish for KeePass 1.x and ChaCha20 for KeePass 2.x. Every time KeePass is booted up it performs a self-test to see whether all the encryptions and hash algorithms are still working correctly and will warn you if not. Additionally, if this isn’t the kind of security you want you can again go to the plugins on the KeePass website and find added components like ones that give you double the encryption.
Reassuringly, KeePass is used by government agencies in France, Germany, and Switzerland so if it’s good enough for international governments to use then you know that it should more than suit your needs.
The amazing thing about KeePass is that it’s completely free; nothing is hidden behind payment plans. However, if you are feeling generous and you’re enjoying the application then you can donate directly to help KeePass and support future development. KeePass accepts donations from all the major credit cards, PayPal, wire transfers, and the microdonation service Flattr.
Since KeePass is made by one developer, you’re not going to be experiencing live customer support chats or anything like that. In that sense there is no customer service. Although there is an active forum that provides support from other KeePass users. There’s also an extensive help center that has plenty of installation guides, FAQs, and more information than you’ll ever need to know about the software. Be warned, a lot of it isn’t the easiest to understand for novice users.
KeePass is a difficult password manager to evaluate, since it certainly has a target audience for people who love open source software and crafting applications to their own specifications. In that sense it’s great because KeePass is a truly flexible platform with a whole host of ready-made plugins and extensions available to really push the boundaries. If you’re skilled at development, then you have the potential to make KeePass do whatever you want it to.
For inexperienced users though, getting set up is a difficult task and you may feel like you’re never truly getting the most out of it. In that sense you may be better off with using more polished software. Most importantly, KeePass is totally free so at the very least it’s worth testing out for yourself and seeing if it’s the right software for you.