

KeePass
1614 likes
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file.
License model
- Free • Open Source
Application types
Platforms
- Mac
- Windows
- Linux
- BSD
- Mono
Features
KeePass News & Activities
Highlights • All activities
Recent News
- POX published news article about KeePassKeePass 2.57 released with security feature to prevent certain screen captures, and more
KeePass, the free and open-source password manager, has released its latest version 2.57. This upda...
- POX published news article about KeePassKeePass 2.56 has been released with new search box and improved history
KeePass, a widely-used free and open-source password manager, has unveiled its latest version, 2.56...
- POX published news article about KeePassKeePass releases version 2.55 with new comparison features and better passwords import
KeePass, the widely-used open source password manager, has announced the release of its latest vers...
Recent activities
- sebastianpaczoski added KeePass as alternative to Hypervault
- spx300 liked KeePass
- POX added KeePass as alternative to AliasVault
- StruggleYang added KeePass as alternative to Nice Password
- muhammadfarag added KeePass as alternative to Norton Password Manager
- kusarebaita reviewed KeePass
A password manager and generator that is very reliable and really easy to use. People who think such programs are unnecessary don't know what they're missing!
- kusarebaita liked KeePass
Comments and Reviews
Windows users, increase your security: In KeePass go to Tools Options Security check "Enter master key on secure desktop". This helps to defeat keyloggers.
Use Keefox for integration with Firefox browser. It finds the website fields correctly in 99% of instances, which is better than some commercial products like LastPass.
There are a couple of things to know to save you time when installing the plugin. In particular, if you've followed the instructions and it still doesn't open try this: Go go KeeFox Options KeePass tab check "Remember above settings (e.g. when using KeePass portable).Hopefully that should sort it out.
Can it work with Chrome ?
Reply written Aug 27, 2017
Yes, it can work with Chrome. For Chrome, you will need a different plugin, however: ChromeiPass. But, if you value your online security and privacy, I strongly urge you not to use Chrome. It's part of Google's broad suite of software that harvests your personal information. If you want a more privacy-oriented but Chrome-compatible browser, see Vivaldi or, better still, Iridium. For both of those the ChromeiPass plugin should also work.
Using Keepass + a browser plugin is less convenient than using a service that syncs your passwords, e.g. the excellent Bitwarden. People who accept the extra inconvenience of Keepass are generally doing it for the added security and privacy benefits. So why undermine your privacy by letting Google track everywhere you go online and everything you search for?
Reply written May 1, 2018
KeePass have MitM security flaw in update check. KeePass uses, in all versions up to the current 2.33, unencrypted HTTP requests to check for new software versions. An attacker can abuse this automatic update check – if enabled – to “release” a new version and redirect the user to a malicious download page. https://bogner.sh/2016/03/mitm-attack-against-keepass-2s-update-check/
KeePass 2 developer Dominik Reichl has declined to patch a flaw in the password manager's update check as the "indirect costs" of the upgrade (which would encrypt web traffic) are too high -- namely, it'd lose ad revenue. Yes, the implication is that profit is more important than protecting users. https://sourceforge.net/p/keepass/discussion/329220/thread/e430cc12/?limit=25#6b69
[Edited by Distortion, October 15]
That's why users must verify the hashsums!
Reply written Jun 30, 2016
The developer has said that this issue was patched:
"In order to prevent a man in the middle from making KeePass display incorrect version information (even though this does not imply a successful attack, see above), the version information file is now digitally signed (using RSA-4096 and SHA-512). KeePass 2.34 and higher only accept such a digitally signed version information file. Furthermore, the version information file is now downloaded over HTTPS"
http://keepass.info/help/kb/sec_issues.html#updsig
Reply written Oct 15, 2016
Reminds me of a bug report I made in 2017, about plugins being able to bypass the program's primary internet proxy settings; the reply was that "Plugins can basically do whatever they want. There is no way for KeePass to restrict them." Very alarming for an encryption/security program. Since then I have only used one or two very simple plugins, and blocked internet access to KeePass with a software firewall.
https://sourceforge.net/p/keepass/feature-requests/2268/
Reply written Dec 13, 2022
A password manager and generator that is very reliable and really easy to use. People who think such programs are unnecessary don't know what they're missing!
I keep only important passwords in it. Lastpass for less important passwords. And keep the master password on paper. I can remember it also. It has a very fast search. The search plus tags and other features make it a universal tool. People have already figured ways to use it besides passwords. It's portable and small. Can be used to share info between some parties.
As long time user I'm still satisfied. Open source, audited, useful...
It's simple to use. I'll loved it
I made a little introduction video to KeePass for new comers: https://www.youtube.com/watch?v=-0qwYPv0C2Y