KeePass Review (2024): Is It Safe and Reliable?

KeePass is simply a escaped and open-source password manager that’s been astir for 20 years. Since its merchandise successful 2003, the password manager’s quality to adhd user-generated plugins and extensions has made it a fashionable enactment for tech enthusiasts implicit the years.

While KeePass offers decent and unafraid password storage, its dated design, deficiency of accepted password seizure and replay and unintuitive exertion marque it hard to urge against much modern password managers.

KeePass pricing

KeePass is simply a wholly escaped password manager that doesn’t person immoderate paid tiers oregon subscriptions. This is successful opposition to competitors similar Bitwarden and Dashlane, that person escaped versions but are constricted successful features compared to their paid counterparts. For example, Dashlane’s escaped mentation lone allows for a maximum of 25 passwords—which means you person to wage for a subscription to store much logins.

One large quality betwixt KeePass and different password managers is that a batch of features aren’t included retired of the box. Instead, users tin customize their KeePass client’s diagnostic acceptable via downloadable plugins from the password manager’s site. Plugins are disposable for capabilities specified arsenic importing and exporting passwords, information backups and car typing.

Is KeePass safe?

Yes, KeePass is safe. It utilizes the gold-standard AES-256 encryption for its database and idiosyncratic vaults. I similar that KeePass encrypts the full database, which means that not lone are passwords encrypted but besides different items specified arsenic usernames and notes.

KeePass is open-source, allowing the nationalist to verify its root codification for imaginable vulnerabilities oregon information holes. This is simply a large diagnostic for privateness enthusiasts, particularly those who worth transparency, arsenic it lets the users and experts collaborate with KeePass successful keeping it a harmless bundle to use.

As of January 2024, KeePass had not been progressive successful immoderate information breach oregon hack. The password manager has been audited successful the European Commission’s Free and Open Source Software Auditing (EU-FOSSA 1) project, which showed that it had zero information issues.

KeePass besides shares that its bundle is installed by default connected each PCs of the national medication of Switzerland and is recommended by the Swiss Federal Office of Information Technology, Systems and Telecommunication. I find that this is simply a meaningful ballot of confidence, particularly since Switzerland’s authorities is known for its beardown privateness laws.

Key features of KeePass

Aside from password retention and password generation, KeePass comes with a fewer cardinal features that marque it unsocial compared to different password managers.

Library of plugins and extensions

Figure A

KeePass Plugins. Image: KeePass

One of KeePass’ biggest selling points is the quality to download and adhd plugins for each user’s KeePass client. These plugins adhd much features oregon modify existing functionality, specified arsenic letting users import oregon export antithetic record formats, changing the KeePass idiosyncratic interface oregon adding autofill capabilities.

Right now, determination are much than 170 downloadable plugins connected the KeePass website. This is cleanable for users who worth being capable to customize their password manager and its diagnostic set.

For me, I similar a password absorption solution that already comes with dedicated features without having to interest astir adding them aft the archetypal installation. If you’re similar maine connected this, 1Password oregon NordPass are password managers with a ton of built-in features.

Local-device password management

Figure B

A KeePass database saved connected my desktop. Image: KeePass

Another standout diagnostic from KeePass is that it is simply a wholly section password absorption system. This means that each your passwords and stored credentials are encrypted locally connected your machine oregon instrumentality of choice. This is successful opposition to different password managers that store passwords successful the cloud, similar 1Password oregon LastPass.

If you’re paranoid astir cloud-based password managers perchance being progressive successful a information breach and leaking your data, KeePass tin beryllium a large solution since everything is stored locally. You tin work our LastPass review to larn much astir however information breaches tin impact a password absorption solution.

KeePass’ all-local implementation tin beryllium a disadvantage since you won’t person the convenience of casual entree to your passwords connected aggregate devices done the cloud.

Auto-Type functionality

Unlike astir modern password managers, KeePass doesn’t person a accepted autofill feature. What it does person is Auto-Type—a planetary auto-type hotkey which automatically types retired credentials successful your chosen relationship pages.

Figure C

Auto-Type. Image: KeePass

Auto-Type works by having KeePass unfastened successful the background, switching to the website and automatically typing retired your login credentials aft you deed a peculiar keyboard shortcut. This is opposed to different password managers that automatically capable retired the username and password fields via a browser hold oregon arsenic a clickable fastener done a pop-up icon.

While seeing KeePass automatically benignant retired my password was chill astatine first, I did find it truly finicky to usage aft a fewer times Because I had to manually acceptable the series successful which the login credentials are to beryllium typed, i.e. if the username oregon password goes first, determination were times that KeePass couldn’t benignant my details successful the due fields.

Despite Auto-Type being a unsocial enactment instrumentality that I haven’t encountered connected different password managers, I honestly recovered manually copying and pasting from the KeePass lawsuit to beryllium a amended alternative.

KeePass authentication and information options

KeePass comes with 2 main multi-factor authentication (MFA) options: cardinal record and linking a Windows idiosyncratic account. A cardinal record is simply a record that you tin prevention either connected your computer, USB flash thrust oregon immoderate different device, which acts arsenic an further request successful tandem with your maestro password to entree your database.

Figure D

Authentication options. Image: KeePass

You tin acceptable your KeePass vault oregon database to lone unfastened if you’re logged into a circumstantial Windows idiosyncratic account. I would person preferred it if KeePass had much MFA options similar 1Password’s fingerprint verification oregon NordPass’ authenticator app integration.

While you tin download two-factor authentication (2FA) oregon One-Time Password (OTP) plugins, I deliberation having these authentication options baked wrong the app itself is much idiosyncratic friendly. This saves users the clip of having to prime which plugin is the best, particularly since astir competitors person these readily disposable erstwhile installed.

For information options, I similar that KeePass has a timer for whenever you transcript passwords disconnected your database. At default, KeePass automatically removes immoderate copied credential from the clipboard aft 12 seconds.

There are besides antithetic Enforce Options that fto you acceptable whether you privation your KeePass database to automatically fastener aft inactivity oregon person KeePass pass you whenever a cardinal translation mounting is weak.

Figure E

Enforce options. Image: KeePass

KeePass interface and performance

KeePass’ desktop idiosyncratic interface (UI) falls level successful some plan and easiness of use. Its plan is dated and looks a spot similar legacy-Windows applications from the 2000s. I similar password managers with a sleek and modern UI.

Figure F

KeePass main dashboard. Image: KeePass

KeePass’ exertion is besides not the easiest password manager to usage and learn. Once I installed the application, I got a blank dashboard with nary included guide. There wasn’t a wide tutorial connected however to prevention my archetypal password oregon usage immoderate of KeePass’ features.

Fortunately, determination are video tutorials, guides and forum posts online that outline however to usage KeePass. However, I don’t deliberation the password manager needs to sacrifice ease-of-use to get to their extremity of customizability.

In presumption of performance, I had nary occupation adding caller password entries wrong the KeePass app. The included password generator besides worked without immoderate contented and I similar that there’s nary bounds to password characters.

It’s unfortunate that KeePass doesn’t person accepted autofill and password seizure and replay functionality. Without immoderate plugins, you person to manually input login credentials to prevention caller usernames and passwords. This adds an other measurement to the process compared to thing similar Keeper’s KeeperFill diagnostic that automatically saves and fills successful caller logins upon creation.

KeePass mobile app

KeePass doesn’t person its ain proprietary iOS oregon Android mobile application. However, it recognizes user-generated mobile ports of its service.

Figure G

KeePass ports list. Image: KeePass

This provides users a ton of options successful presumption of KeePass mobile applications. However, this means that there’s nary assurance that a fixed mobile app volition beryllium supported long-term. Each mobile larboard volition besides person varying levels of quality, truthful your mileage whitethorn vary.

KeePass pros

• Completely escaped password manager.
• Open root and secure.
• Highly customizable.
• Downloadable user-generated plugins.

KeePass cons

• Hard to larn and not user-friendly.
• No autofill diagnostic included.
• Auto-Type is simply a spot clunky.
• Multi-factor authentication options are abstracted downloads.
• Design looks a spot dated.
• No authoritative mobile app.

KeePass alternatives

If you find that KeePass isn’t a bully fit, I’ve listed 3 alternate password managers that are worthy a try.

Image: Bitwarden

Bitwarden

If you privation a cloud-based password manager with a generous escaped version, cheque retired Bitwarden. Bitwarden’s escaped mentation allows for unlimited password retention and entree connected an unlimited fig of devices. You besides get beardown zero-knowledge encryption and affordable pricing connected its paid plans crossed the board.

Image: NordPass

NordPass

NordPass is an all-around password manager that doesn’t person galore faults. It has an intuitive idiosyncratic interface, plans for some azygous users and concern and independently audited applications. It besides utilizes the unafraid and much modern XChaCha20 encryption algorithm.

Image: 1Password

1Password

For avid travelers, 1Password tin beryllium a large pick. It comes with a useful Travel Mode diagnostic that lets users fell prime vaults whenever they travel. This is connected apical of its sleek desktop UI and beardown AES-256 encryption. 1Password besides provides 14-day escaped trials crossed each its plans that lets you trial their service.

Who is KeePass for?

KeePass is for users who privation a password manager they tin personalize. With its ample room of downloadable plugins and extensions, KeePass tin beryllium a precise almighty instrumentality for those consenting to instrumentality the clip to maximize its capabilities.

It’s besides a bully prime for idiosyncratic users who are wary of cloud-based password managers and privation a unafraid mode to store their passwords locally.

However, its little than affable idiosyncratic interface, clunky auto-type diagnostic and deficiency of accepted password seizure and replay marque it hard to urge against different apical password managers successful the market. Its locally-stored password retention besides makes it hard for organizations oregon businesses to follow it arsenic a company-wide password absorption solution.

Review methodology

My reappraisal of KeePass progressive a elaborate investigation of its information features and real-world performance. I utilized KeePass connected my idiosyncratic Windows laptop for investigating and hands-on experience.

I rated KeePass connected everything from its password absorption features to its easiness of usage based connected an interior algorithm to get a standing of 3.2 retired of 5 stars. The scoring was based some connected KeePass connected its ain and successful narration to different password managers.