In the wonderful world of open-source password managers, there is one that is very popular with librarians and freeware enthusiasts. I named it Keepass.
And you know, when a librarian really likes a piece of software, he can’t help but fork it (that is to say, clone it under a new name). And then it goes to hell, and we can’t find our way anymore. Lol.
This is why today, I suggest you review Keepass LEGACY (the original) and Keepass HERITAGE (the forks).
Be careful though with all unofficial projects. The ones I’m telling you about are safe, but there are more obscure ones that could contain malware, so be careful if you find a new KeePass client unknown to the battalion.
Keepass (the official version)
Keepass 2.x is a free and open-source password manager for personal use that runs locally and uses the AES-256, ChaCha20, and Twofish encryption algorithms. A small bonus: this version 2 of Keepass is validated by ANSSI.
Apart from the enhanced security of the vault, Keepass also offers nice features like the ability to manage multiple user/password databases, perform advanced searches in it, or hunt for duplicates. It also provides options for exporting your database (TXT, HTML, XML, CSV, etc.), importing or transferring from one database to another, which is practical for your backups.
Keepass also offers password generation, automatic clipboard cleaning (to avoid accidental copying and pasting of your passwords), auto-filling via a keyboard shortcut, the possibility of creating triggers (for your workflows), plugins, etc.
You can also go beyond the simple login/password pair and add all the fields that come to mind, such as a bank card number field, CVV, expiration date, recovery key for your Bitcoin wallet, etc.
Keepass 2.x is available for Windows (to install or in a portable version), but also under macOS and Linux thanks to Mono (.NET ported to Linux/macOS).
Please note, version 1.x is not compatible with version 2.x.
Before using a local password manager like Keepass, consider:
- Keep a version of the binary (.exe) in a corner so, in case the software disappears one day, you can still access your wallet.
- Make (secure) backups of your Keepass wallet to avoid losing it in the event of your hard drive failure.
KeePassXC (the cross-platform community client)
Although KeePass is available on Linux and macOS (using Mono), a true cross-platform port called KeePassXC exists and works on macOS, Linux, and Windows.
In terms of functionality, KeePassXC does everything the same as KeePass, integrates into Chrome, Firefox, Edge, Chromium, Vivaldi, Brave, Tor Browser, and offers import functionalities from CSV, 1Password, or the KeePass 1 format.x.
KeePassXC also allows the conservation, generation, and use of 2FA (Multi-factor – TOTP) codes, but be careful to have 2 separate bases: one for your passwords and one for your 2FA codes to avoid putting all your eggs in one basket and weakening your security.
KeepassXC also allows the addition of attachments, YubiKey/OnlyKey support, import, export, and synchronization of shared databases without forgetting the keepassxc-cli command-line client.
And of course, KeePassXC has a much prettier interface, far from the Soviet graphic standards of KeePass 2.x, as well as a dark theme, as dark as your souls.
For specific MacOS customers, you also have KyPass Companion and MacPass.
KeePassX
It was the KeePass alternative client for Linux, but it hasn’t been updated for a long time, so I won’t dwell on it.
KeeWeb
KeeWeb is a web client for KeePass that allows you to access your KeePass password database through an HTML + JS web page that you can host anywhere or keep on your hard drive.
In the web version, you also have BrowsePass, Kee Vault, or even a project called KeePass4Web that you can host on your web server.
KeePass for Android
So I suggest you take a look at KeePassDroid, which is quite simply a port of KeePass for Android. Practical for having your KeePass database on the move with cloud sync (Dropbox, OneDrive, etc.).
Image highlighting the password search functionality in KeePass
I also haven’t forgotten KeePassDX, which is a little prettier and offers the same thing as KeePassDroid with the addition of 2FA (multi-factor) code management, auto-filling of fields, biometric unlocking (fingerprint, facial recognition), etc., etc.
On Android, there is also KeePass2Android and KeepShare.
KeePass for iOS
Under iPhone and iPad, there are also KeePass compatible clients; in this case, KeePassium exists in a free basic version, which offers cloud synchronization, and if you want more advanced functions such as multi bases, you will have to take a small subscription.
Otherwise, on KeePass, you also have the following customers:
Password Safe
PasswordSafe is a KeePass client that integrates perfectly with Gnome Desktop on Linux and includes the basic functionalities of KeePass.
And otherwise?
Well, otherwise, there are many alternative projects around KeePass, more or less maintained, the list of which I give you here:
- Tusk (Chromebook)
- KeePassMobile (J2ME)
- KeePassJ2ME (J2ME)
- KPCLI (Command line)
- And for developers, there is also a KeePassJava2 java library