KeePass Review (2020): Manage Your Password Well

KeePass Review Feature Image

KeePass, to some users, is different from other more well-known password managers in quite a few ways. For starters, KeePass is a free and an open-source platform. Also, as a password manager app that has been around for quite a long time, it keeps your password in your laptop, desktop, or mobile devices.

It is said that it is a very powerful and customizable software, and it runs on almost every modern desktop and mobile platform. Many users may be intimidated or put off by KeePass’ highly-technical, open-source nature. Especially when compared to other friendlier interfaces of other password managers.

Company Background

KeePass Screenshot - retaken

KeePass was founded and developed by Dominik Reichl back on 16th November 2003. It is a free and open-source password manager that is made primarily for Windows. It does support macOS and Linux via the use of Mono. There are several unofficial ports for Windows Phone, Android, iOS, and Blackberry devices too.

Back in 2017, Consumer Reports describe KeePass as one of the 4 most widely used password managers. It is quite popular with a lot of tech enthusiast and offer the same level of security as non-free competitors, but is considered more difficult to install.

Criteria

Before settling for any software or app, including software management software, you may want to consider the criteria. We have come up with a few criteria for you to consider before settling for that password management software.

Features

This section covers what features KeePass have as a password management software. Some password management software has plenty of feature, whereas some have very little.

It’s hard to say with the kind of features if you really need it or not. As it all depends on what kind of features you are really looking for in an app.

Privacy and Security

What is a password management software without the security and safety? We’d recommend you to thoroughly research the safety aspect of any password management app’s safety.

Many apps will claim that they are safe and will keep your passwords and other private information under tight security. They love to oversell that feature but in reality they can be some of the worst secret keepers.

Remember to find out and know everything before settling for any password management apps. Else you will have to compromise the safety of your password and private information.

Setup

We will bring you through how to setup this password management app for your devices. Note that the app or software may not be available on all devices and platforms. Although most apps and software are available on every devices, you’ll be surprised at how some may not be able to support it.

At the same time, some people may not be so tech savvy. Hence, they may need help and directions in setting up the app/software on their devices.

Plans and Pricing

This part covers the plans and pricings the password management software have. Some may be free, some requires you to pay. Some have a mix of both.

To be fair, a lot of times the free version has most, if not all of the features the regular users needed for their regular use. If you are someone who has more advanced needs, then the advanced features will be something that you need. Advanced features are usually made to come in paid packages.

Maybe review the packages and see which you will be needing the most. And see if it is within your own budget.

KeePass: Our Review

Here we go. Read out to find out what KeePass has to offer!

The Features Available

When it comes to features, KeePass comes across as one that is basic yet interesting. A quick overview tells us it has the following basic features:

  • 2 Factor Authentication
  • 256 AES Encryption Level
  • Manual Multi Device Sync
  • Backup and Recovery (Plugin only)
  • Password Generator
  • Password Auto-Import (Plugin only)
  • FAQs
  • Multiple Languages Available

KeePass offers 2 free versions of its tools that vary in its basic features available. The 1x is said to be much leaner and may be a good solution for getting started.

However, the 2x version offers a lot more features that covers a wide range of different scenarios and uses. Some of it are only via plugins. Users who have used (or are currently using) KeePass mentioned how it has quite an impressive offering and matches very well to a lot of other password managers.

As a matter of fact, some users mentioned how KeePass surpasses LastPass and Dashlane in terms of its services. The only password management app that surpasses KeePass is Zoho Vault, which offers a considerably more comparable amount. However, keep in mind that open source evolves faster due to its decentralized nature.

You will be wise to consider the learning curve needed for integrating the various plugins (which is more than 100), or scripts and getting familiarized with them. This is relevant in a sense that to in-demand features such as mobile apps and browsers’ extensions that are only available through plugins.

A user mentioned how basically with KeePass’ features is that whatever is not on the box already has a workaround from a plugin, or a 3rd party unofficial development.

By default, it stores the data and information locally on your devices. That is great for security compared to other password management apps that syncs to a cloud service. However, if you wish to have such option, you can configure KeePass to do so accordingly. But you will expect to do some copying and pasting manually on your own.

One good practice will be to put KeePass credentials database on cloud syncing folders like OneDrive and Google Drive. There is no limit to the number of passwords you can create. KeePass also allows you to create as many sub folders as you want to manage your databases.

Safety and Security

KeePass has one of the best security, and is considered a top-notch one at that. They are not particularly shy about its security strength, and they like to show it (check out the awards section on their official webpage).

It checks itself as a program with every run and alerts to see if any of the algorithms fail the test. If you are one of those people who are apprehensive about the open-source model in a security context, you may want to see what KeePass says on its homepage for yourself.

For its security, if provides the following:

  • Supports AES and Twofish, compounding a very high security level.
  • Comes with SHA-256 encryption, which is a 256-bit cryptographically secure one way hash function.
  • Complete database encryption: KeePass encrypts the password fields, and the usernames, notes, and other important details as well.
  • KeePass process memory protection: passwords are encrypted while KeePass is running. The feature prevents the process of dumping any memory to disk by your operating system as a backdoor to reveal or leak your password.

Multiple User Keys

Multiple user keys is useful when it comes to bringing the security to the next level. Below are some of the things that you should know about multiple user keys.

One master password will be used to decrypt the entire database.

Using a key file on its own, or in tandem with the master keyword. Carrying the file in a physical piece of hardware (like in a flash drive) means it is safe from cyber-attacks. Make sure you do not lose it.

You can combine the key file with the master password for a stronger 2 factor authentication encryption. If you lose the key file, the good news is that it does not compromise your database’s security.

Portable and Low-Signature Version

KeePass features a portable version that ca be carried on a pen drive. It can run on Windows OS without any installation needed.

KeePass does not store anything on your system. No new registry keys or INI files are created in a Windows directory.

Deleting KeePass, whether if it is the ZIP or installer package, does not leave a trace of it on your OS.

Import-Export Standards

KeePass is said to do a really good job at taking care of its relatively weak point. Especially when it comes to browser integration with easily importing and exporting data from other password managers.

As a matter of fact, with over 40 vendors included, KeePass may be a leader in this category. The only downside is that you will have to do some manual copying and pasting.

  • Password list can be exported to TXT, HTML, XML, and CSV formats.
  • The XML output can be used in other applications.
  • The HTML output employs CSS to format tables for easy layout changes.
  • The CSV output is fully compatible with most other password safes.
  • The CSVs can be imported by spreadsheet applications like Microsoft Excel.

Setup

If you wish to use KeePass on Windows 10, installing it is smooth and easy. Downloading the desired version is quick and the site is informative and helpful. It is said that KeePass was designed to operate in a windows environment, and it also covers ancient legacy versions (via plugins though).

It is also compatible with Mac iOS, Linux, and other OS out there.

However, there are some issues with KeePass’s overall user experience and user interface (US/UI). The grey Windows 95-style screen that welcomes you once the program is opened. There are no pp-ups, tool-tips or any indication of what you should be doing. You wouldn’t know how to put this tool to good use.

This is the downside to the open-source nature of KeePass. As much as much work has been put into the technical security functionalities, the downside obviously suffered major compromises.

Imagine if you are not a tech wizard and having to use this password manager. It most certainly won’t be comfortable. Other than the main menu ribbon, there is nothing out there to prompt other actions.

The first thing you will want to do is to create a new database by clicking an obscure icon. From there, you can choose which folders to work with.

The password generator interface is equally old fashioned, yet clear and offers the most configurable, detailed password creation out there. You can set and configure just about every aspect of your master password as it is rated in real time by the generator.

As you noticed with KeePass, the level of features and configuration stands up to the paid competitors in the password management universe. An ordinary user will most likely not find a use for most of them anyway.

Plans and Pricing

Let’s be obvious here. KeePass is entirely free regardless of which version you wish to use. There is no fine print here. You will not be up-sold any exclusive features so to speak, so there’s that.

However, you do have the option of making a small donation to support this open-source effort on the website. It is completely voluntary.

The only difference in the plans is that fact that the lighter 1x version and 2x version (sometimes referred to as “pro”) is the number of available features. Its official website does a pretty good job at comparing the 2 versions head to head. All according to various categories and use-cases.

Our Verdict

We will say that KeePass is pretty good for the advanced user who knows a lot about his technology and software. It’s good for the person who loves to play around with his gadgets and software, hence this will be a good choice for that kind of person.

However, if you are not a tech genius, then this password management software is not made for you. There are a lot of other password management software that are on the market currently that are a lot easier to use. If you wish to use one that is not overtly complicated, then this one is not the right one for you.

Another thing that we like about KeePass is that it’s free and has no hidden fees. You will not be up-sold any advanced feature or new add-ons. It’s all available for free, depending on which package you are looking for.

However, as mentioned before, you will be asked to make a donation as it does not charge anyone for membership fee or a monthly subscription. Note that the donation is not obligatory but encouraged.

Frequently Asked Questions (FAQ)

Here are some frequently asked questions (FAQ).

Q: Is it safe to use KeePass?

KeePass appears to very secure because it is an open source and the code is examined by a lot of independent people. Not forgetting to mention, the database that holdsyou’re your passwords are stored wherever you as the user wants it to be.

Q: Can KeePass be hacked?

Yes, KeePass can be hacked. There can be a lot of malicious software around that are made to steal the passwords and other sensitive data from the open-source password manager tool without needing to know the single “master password” that controls any KeePass accounts.

You will, however, need to install KeeFarce (found on GitHub) on your system. Once installed, it waits for you to launch KeePass and logs into KeePass using your master password.

That is when KeeFarce uses common hacking techniques to bypass the master password and extract password data from the KeePass password manager. Once it reaches there, it waits for the user to launch KeePass. Once the user logs into KeePass using their master password, that is when it downloads all your passwords into a .CSV file.

Q: Is KeePass free?

Yes, KeePass is a free and open source (FOSS) password manager. It is a program made especially for Windows. There are versions available for all platforms including macOS, iOS, Android, and Linux.

Q: Is KeePass the best password manager?

We wouldn’t put any password managers as the best one on the market. However, we can say the KeePass is a free, highly customizable, feature-rich open source password manager for tech savvy users. Users who are comfortable with a basic interface, integrating plugins and some manual work. The fact that it is free and open source is really one of the best things about it.

Q: Does KeePass sync across devices?

Yes, you can synch KeePass across all devices you wish to have it on. Get KeePass for all the devices you wish to use. You can download KeePass for desktop, for mobile devices, and for tablets too.

Leave a Comment