KeePass: remember just a single password and encrypt all others

KeePass is undoubtedly the most popular password manager around at the moment, thanks in no small part to its myriad of options that enable outstanding levels of security reliability.
Under GPL v2 license, KeePass is free to users and will remain free. Its source code is available to all coders and developers internationally, ensuring KeePass receives major updates and upgrades with each release.

Keepass 2.43 | Windows Keepass 2.43 | Portable MacPass (Fork) 0.7.9 | MacOS Keepass 2.xx | Linux
Link to official and unofficial software

A straightforward password manager that’s completely free

The principle here is very simple: KeePass saves all your individual passwords in an individual database. This database is in reality an encrypted file. It is only accessible by inputting your correct main password, meaning you only need to remember one such piece of information.
The security associated with access to this database can be further bolstered and enhanced by simply attaching a “key” using a .key file.

A reliable and secure password manager

KeePass is available in two different security versions, providing you with the right level of security for your individual needs. You’ll have the choice of two distinct encryption algorithms for:
• Securing by AES encryption (256-bit key)
• Twofish encryption security (256-bit key + 128-bit blocks)
These two encryption methods are currently the very best available for both public and professional use. However, as you’re well aware, security flaws most often arise from your operating systems, which is why KeePass is reassuringly multiplatform in its making.

A password manager for MacOS, Linux, FreeBSD and Windows

When you talk about an operating system with a mainstream monopoly, you’re also talking about a system that’s almost certainly going to be faced with more attacks to exploit its vulnerabilities.

KeePass has been designed to secure passwords on all your computers, regardless of the platform you’re using. As such, you can work throughout the day on a Windows workstation while you’re at the office and then browse on a MacOS or Linux device at home that evening, all the while using KeePass.

A password manager that’s a must for strengthening security

In addition to ANSSI (National Cybersecurity Agency of France), the Federal Office for Information Technology Security in Germany published a memo for SMEs in 2018 recommending the use of KeePass.

The European Commission ordered a security audit at the inaugural EU-FOSSA (European Free and Open Source Software Audit) in 2016, then did so again in 2019 as part of the third KeePass bug bounty program that dispensed generous rewards to security testers who successfully reported bugs and security vulnerabilities to developers.

In short, KeePass allows you to reach new heights when it comes to security and that’s something we’re very proud to be able to promote.

Manage your passwords on your mobile phone

The database that contains your encrypted passwords can also be synchronised remotely. With the KeePass application successfully installed on your smartphone you can be synchronised from a remote site via FTP on your Blackberry, Pocket PC, Windows 7 Phone, not to mention your Android device.

There are simpler synchronisation solutions for password management offered by others, but these cloud-based alternatives have dubious levels of security in place. Cloud-based solutions such as Dashlane and Lastpass are just two such alternatives that have left many users lacking confidence in security prowess.

KeePass is incredibly reliable alternative to cloud-based password managers, with superior security measures to put your mind at rest.

A user-friendly drag-and-drop interface

For those entries in your database, you’ll be able to drag and drop necessary information so you can enter criteria like usernames and the individual password associated with it. Al entries in the database can be dragged and dropped with absolute ease.

Easier than ever thanks to automated password entry

If you want to save even more time when it comes to those everyday inputting tasks, you can utilise KeePass effectively to streamline things.

You can use KeePass to enter the username and password for a given application or website so that the password manager automatically assigns them to where they’re required whenever you launch said applications or website URLs.

Within the database with your password, you only need to open the context menu by right-clicking on an entry and selecting “perform automatic entry”.

This is the very definition of efficient, while it’s as easy as anything to pre-fill desired login information for any website or piece of software requiring authentication. As always, automatic entry is encrypted and therefore completely secure within the KeePass infrastructure itself, meaning there’s nothing to worry about when it comes to embracing automation.

How often do you change your passwords?

You’d need a very impressive memory to be able to recall all of those pivotal passwords we need in our everyday lives.

It’s obviously not practical or secure to continue to use the same password and username indefinitely for all your authentication needs. However, there’s no need to fret about remembering a host of new information thanks to KeePass, which will manage all your password requirements for you.

For sites or software requiring you to regularly change your passwords, KeePass can keep track of any changes and store your historic passwords in its database entries for reference.

KeePass in more detail: how does it work?

Your passwords are stored in KeePass within its database. This database is an encrypted file in .kdb format for those using version 1, or in .kdbx format for those using version 2.

Each password is assigned an entry in this database, with each entry having several fields that include information such as associated usernames, passwords, URL addresses, not to mention attachments if you’re using version 2. And of course, each of these entries is assigned its own title so it can be easily located within the larger database itself.

Our advice on the best KeePass pick

One of the major flaws that beguile password managers lies with the management of the clipboard when a password is copied/pasted.

With KeePass, you’re able to encrypt passwords in your computer RAM, with the process replacing visible characters with generic asterisks. Unfortunately, this is not enough to guarantee optimal security, but KeePass will only keep a copied password in the clipboard memory for a maximum of 12 seconds.

This temporary approach to storing copied information is a nifty navigation around a particularly thorny security issue that continues to plague password management software.

Lightweight and stable versions of KeePass: the portable version

KeePass is available in two different versions, with each of these available in both classic and portable forms. A portable version of KeePass enables you to enjoy your favourite password manager functionality with a USB key or any other removable storage media device like an SD card.

There’s also no need to install KeePass on the computer you are using when you go portable. Why? Because it is from the USB key or similar device that KeePass will be operating from. However, KeePass 1.x will ask you for GDI+ support if you are using a system that’s older than Windows XP. For KeePass 2.0, you’ll need to install Microsoft.NET Framework 2.0.

Switch from v1 to v2…or make the switch from any other software!

Thanks to a very straightforward import function via TXT or CSV file, you can switch from KeePass version 1 to KeePass version 2 without any hassle whatsoever. It’s just like importing entries from any other password management software should you make the switch and upgrade.

KeePass is therefore compatible with all other import software, provided it offers import and export in TXT or CSV formats. There are also additional plugins available for KeePass that will make importing entries from other password managers a breeze.

For exporting your KeePass managed passwords to other media, you’ll find support for TXT, HTML, CSV and XML formats for maximum convenience.

Do you speak Estonian, Croatian or Galician?

KeePass is available in native form in English, but you can subsequently choose to add official translations to your software thanks to the hard work of our experienced team of volunteers.

In fact, there’s more than 50 additional languages and dialects to choose from. These translation files are available in .lng and .lngx format, depending on which version of KeePass you’re looking to update.

Our advice on securing your environment

We strongly recommend that you check to see if there is a keylogger installed on your system. If there is, it can record all your keyboard strokes, as well as the contents of your clipboard.

This information can contain your KeePass password. Malware such as keyloggers can be detected and removed from your system with the use of cleaning software like Adware or Spybot Search and Destroy.

We highly recommend you carry out some housekeeping in this regards, particularly when you consider that Windows 10 has shared history of user clipboards with the cloud since its v1009 release.

However, the main security flaw that makes your system vulnerable is you! You need to be aware of specialised programs that can break KeePass encryption, thereby discovering your precious passwords.

To this end, KeePass2john, KeePass Self-Bruteforcer and KeeCracker are on hand to provide a tailored solution to this security issue. It’s worth remembering that complex passwords cannot be decrypted by these nefarious malware programs.

Strong and complex passwords allow you to remain safeguarded against malicious data recovery attempts, providing you with priceless peace of mind.

KeePass plugins

Since KeePass is under GPL license and therefore free software, there’s an entire community behind the scenes bringing the project to life with a wealth of useful extensions (plugins) that broaden the horizons of this password manager. Below are just a few examples of such plugins and their uses:

• saving a backup of your database every time it is updated with a new entry.
• compatible use of KeePass across the three major browsers the general public utilises (Chrome, Firefox and Internet Explorer).
• using KeePass on your smartphone, tablet and computers by synchronising them on a cloud containing your database.
• importing and exporting your data to other password manager software is even easier with KeePass.
• the use of certificate protection instead of password protection, allowing for additional security measures to be implemented.
• the database is placed online on a multi-user server that will utilise the following secure protocols:

  • SCP (Secure CoPy)
  • SFTP (SSH File Transfer Protocol)
  • FTPS (FTP SSL/TLS)

It’s worth us mentioning the potential risks associated with using such plugins, with KeePass unable to guarantee the safety of all of them as they have not been included in official security tests and software audits.

You’ll also need to check the source of the plugin author and perform a check with the MD5 hash to make sure plugin content has not been altered, as well as discern whether or not a plugin is the work of an individual with malicious intent. It’s also important you understand that a plugin for KeePass will have access to your database and all of its entries, including all your stored passwords in unencrypted format.

Unofficial KeePass forks and ports also available

A fork is a new software offering created from the source code of another piece of software. KeePass, as an open source software, provides its code for free.

This is why some very interesting forks and porting possibilities have arisen:

KeePassXC: this is a fork based on the old KeePAsX project that came to an end in 2016 and is still under GPL license for Windows, MacOS and Linux.
WinPass: this brilliant port has been designed fr devices running Windows Mobile 8/10.
KeePassB: this port is for the Blackberry platform.
KeePass2Android and KeePassDroid: more porting at work here, only this time for the Android platform.
MacPass: a reference port for the MacOS platform.
KeeWeb: this web application allows you to synchronise your database via Dropbox for access from any device.

In conclusion

Whether you use KeePass to simplify your everyday life, no longer needing to scribble down passwords on random scraps of paper, or you utilise it to increase the security of your access codes, these two areas are major advantages you can enjoy with this software.

The ever-increasing community behind the KeePass open source project are deserving of praise, with their commitment and passion the reason why it’s the most popular encrypted password manager solution out there today.

This popularity has only been made possible by the efforts of this dedicated community who have helped evolve this innovative software over the years.

You can find KeePass in both its Portable and Classic versions for Windows, MacOS X, Linux, BSD and many more operating systems. For porting to other platforms, forks and KeePass plugins, consult the guide for the way to go.

Keepass 2.43 | Windows Keepass 2.43 | Portable MacPass (Fork) 0.7.9 | MacOS Keepass 2.xx | Linux
Link to official and unofficial software