AlternativeTo Logo
KeePass icon

KeePass

A free and open source password manager that keeps all of your passwords safe in one place.

  • Mac
  • Windows
  • Linux
  • BSD
  • Mono
Avg rating of 4.3 (45)| 52 comments
Entry Templates Plugin
Main window
Login Screen
Built-in Password Generator
Add entry dialog box
Screenshot
CSV Importer
Options dialog box
 Suggest and vote on features

KeePass Features

  1.  Works OfflineKeePass can be used without the need to connect to the internet.
  2.  PortableKeePass can be used from a USB stick or similar with no prior installation.
  3.  Extensible by Plugins/ExtensionsKeePass can be extended with add-ons, plugins and extensions.
  4.  Password RecoveryKeePass can help you recover your passwords for software applications and hardware devices.

KeePass information

  • Developed byDominik Reichl
  • LicensingOpen Source and Free product.
  • RatingAverage rating of 4.3 (45 ratings)
  • Alternatives205 alternatives listed

Supported Languages

  • English

Our users have written 52 comments and reviews about KeePass, and it has gotten 1540 likes

KeePass was added to AlternativeTo by Markus on and this page was last updated .

Comments and Reviews  Post a comment/review

 all • positive • negative      relevance • date
JohnFastman
  
Top positive comment ago
Copy a direct link to this comment to your clipboard   
If this Review contains spam or other abuse, notify admins about it.   

Windows users, increase your security: In KeePass go to Tools > Options > Security > check "Enter master key on secure desktop". This helps to defeat keyloggers.

Use Keefox for integration with Firefox browser. It finds the website fields correctly in 99% of instances, which is better than some commercial products like LastPass.

There are a couple of things to know to save you time when installing the plugin. In particular, if you've followed the instructions and it still doesn't open try this: Go go KeeFox > Options > KeePass tab > check "Remember above settings (e.g. when using KeePass portable).Hopefully that should sort it out.

2 replies
maxrempel

Can it work with Chrome ?

Reply written ago

If this reply contains spam or other abuse, notify admins about it.   
JohnFastman

Yes, it can work with Chrome. For Chrome, you will need a different plugin, however: ChromeiPass. But, if you value your online security and privacy, I strongly urge you not to use Chrome. It's part of Google's broad suite of software that harvests your personal information. If you want a more privacy-oriented but Chrome-compatible browser, see Vivaldi or, better still, Iridium. For both of those the ChromeiPass plugin should also work.

Using Keepass + a browser plugin is less convenient than using a service that syncs your passwords, e.g. the excellent Bitwarden. People who accept the extra inconvenience of Keepass are generally doing it for the added security and privacy benefits. So why undermine your privacy by letting Google track everywhere you go online and everything you search for?

Reply written ago

If this reply contains spam or other abuse, notify admins about it.   
Show entire comment and 2 replies
18
M_O_Z_G
  
Top positive comment ago
Copy a direct link to this comment to your clipboard   
If this Review contains spam or other abuse, notify admins about it.   

For me, one of the important things in KeePass - encrypted file storage and templating add-on. For example, you could keep account data, related document scans, credit card info in one handy entry and it always will be encrypted. No need to bother with creating extra encrypted volume with VeraCrypt (or something else) to sync it with different devices.

Show entire comment
6
Distortion
  
Top negative comment ago
Copy a direct link to this comment to your clipboard   
If this Review contains spam or other abuse, notify admins about it.   

KeePass have MitM security flaw in update check. KeePass uses, in all versions up to the current 2.33, unencrypted HTTP requests to check for new software versions. An attacker can abuse this automatic update check – if enabled – to “release” a new version and redirect the user to a malicious download page. https://bogner.sh/2016/03/mitm-attack-against-keepass-2s-update-check/

KeePass 2 developer Dominik Reichl has declined to patch a flaw in the password manager's update check as the "indirect costs" of the upgrade (which would encrypt web traffic) are too high -- namely, it'd lose ad revenue. Yes, the implication is that profit is more important than protecting users. https://sourceforge.net/p/keepass/discussion/329220/thread/e430cc12/?limit=25#6b69

[Edited by Distortion, October 15]

2 replies
igenn

That's why users must verify the hashsums!

  • but most of them never do.
  • THEIR fault if they download something fake
  • at least he published it (The checksum in a stupid form though, he says it is readable, good luck with it Dom, read it, i won't!)

Reply written ago

If this reply contains spam or other abuse, notify admins about it.   
Nyagu

The developer has said that this issue was patched:

"In order to prevent a man in the middle from making KeePass display incorrect version information (even though this does not imply a successful attack, see above), the version information file is now digitally signed (using RSA-4096 and SHA-512). KeePass 2.34 and higher only accept such a digitally signed version information file. Furthermore, the version information file is now downloaded over HTTPS"

http://keepass.info/help/kb/sec_issues.html#updsig

Reply written ago

If this reply contains spam or other abuse, notify admins about it.   
Show entire comment and 2 replies
1
manualsrepo
  
Positive comment ago
Copy a direct link to this comment to your clipboard   
If this Review contains spam or other abuse, notify admins about it.   

It's simple to use. I'll loved it

Show entire comment
1
MD98SY
Comment agoPending approval • Edited ago
Copy a direct link to this comment to your clipboard   
If this Comment contains spam or other abuse, notify admins about it.   

I made a little introduction video to KeePass for new comers: https://www.youtube.com/watch?v=-0qwYPv0C2Y

Show entire comment
0
b4st1en
  
Positive comment ago
Copy a direct link to this comment to your clipboard   
If this Review contains spam or other abuse, notify admins about it.   

Very powerful when using plugins, placeholders, advanced properties, commands as URL... I am used to it for many years, and could not do much without it! It also manage TOTP natively, and can be used instead of Authy, Google Authenticator...

Show entire comment
0
ab1
Comment ago
Copy a direct link to this comment to your clipboard   
If this Comment contains spam or other abuse, notify admins about it.   

Don't use KeePass 1.x without Auto-Type TCATO.

https://keepass.info/help/v2/autotype_obfuscation.html

Show entire comment
1
Show more comments
7 of 52 comments

Tags

  • Password Manager
  • Encryption
  • passwords-keeper
  • form-filler
  • local-client

KeePass platform details

Mac

Requires Mono (3.0 or later) and XQuartz (2.7.4 or later); MacOS 10.15 and later can only run 64-bit Mono

Recent user activities on KeePass

AlternativeTo