KeePass, a pioneer in password managers, is still active and resisting stiff competition, despite the years. What is this free and open source software worth?
KeePass is one of the pioneers of useful, easy-to-access and free Internet, just like the VLC media player or the Audacity audio editing software. Simply opening the program on the computer will bring to mind that good old cubic aesthetic of our old computer stations from the 2000s.
We cannot say that KeePass has evolved greatly over the last two decades, including the options offered, but don’t be fooled by its dated bodywork! This password manager uses military-grade encryption to protect your secret codes.
In short: our opinion on KeePass
The verdict
We liked
- It’s free
- Easily downloadable
- Quick execution (once you master it)
We liked it less
- Unintuitive interface
- Laborious transposition on Mac and smartphone
- The options are to be downloaded (notably 2FA)
KeePass is the default choice in the password manager category, if you have a tight budget or, at least, if you want a free and quickly accessible tool. The software responds to the mission asked of it: store, manage and secure our secret combinations. However, an average user risks being lost when faced with such a crude program.
Although it is not as elegant as a commercial password manager, KeePass deserves to be highlighted for its level of security, its accessibility and its transparency since the software database is protected hackers. However, KeePass remains a limited tool, dedicated to Windows in its most basic form, and can discourage an unsophisticated public, accustomed to modern and intuitive interfaces. Trying KeePass means knowing how to take time, and that is not easy in our time
Getting started with KeePass and the manager interface: it’s dry for novices
Getting started with KeePass is not really user-friendly for newcomers. After installing the software (the latest version is available on KeePass.info, with regular updates), a window with a dated aesthetic appears without any instructions for use. We had a nicer first reception.
KeePass is absolutely not intuitive and a few trips on the web are necessary to understand its functionalities. Nothing alarming either: after a few minutes of acclimatization, we understand perfectly where our database is located. Many options are not available upfront. You will therefore have to download the plugins one by one, and this requires motivation.
Other password managers prompt users to create a master password upon opening and import their codes with a few clicks. This is not the case for KeePass, which would benefit from improving here. Even the French language is not automatically integrated! This shows the gap that exists, in terms of user experience, between this tool and its direct rivals, which are much more welcoming.
To use KeePass in French:
- Go to “View”, “change language”, then click on “Get more language”.
- A window will open to download the appropriate file. Scroll down until you find the French language. You will then need to transfer the downloaded document to the KeePass installer. Otherwise, copy it and drop it after clicking “Open folder”.
After this first maneuver, if you want to learn how to use the password manager, you must go to the KeePass website and search for the tutorial. Here is a summary of the procedure:
- Click “File,” then “New.”
- You will be asked for a master password. This is essential and will be the only one to remember for you. Avoid losing it, because KeePass is no longer accessible if you do not have this code on hand. It is also possible to print it in order to keep a physical copy of the password. We therefore advise you to keep this paper out of sight.
Having completed these steps, you can now launch a first database and store your secret combinations. To create a password and secure it:
- Click on the golden key logo. A window will open.
- If you want to add a password for an online account, go to “Group” and choose Internet (if it’s not the default option).
- Name the database according to the site you want to register (Amazon, La Poste, Impôts, etc.). Indicate your account identifier (your nickname or your email address for example) and add the link to the authentication page of the site in question in the URL space.
You can then choose a password or generate it automatically. Most users, especially those using a password manager for the first time, prefer the 20-character combinations automatically generated by KeePass. It is possible to personalize this code by clicking on the double key logo, adding a specific word or characters.
No autofill on sites
Unfortunately, passwords are not entered automatically on the sites you visit. While other password managers have browser extensions that fill out forms with your credentials, you’ll need to copy the password and then paste it with KeePass.
A double click with the mouse on the database row is enough to copy the combination. The user then has 12 seconds to integrate it into the authentication page of the site they are visiting.
However, it is possible to skip this procedure by launching an automatic entry of identifiers with a right click on the database in question.
Import passwords to KeePass
To import your current passwords into KeePass, click the “File” tab at the top of the window and choose “Import.” KeePass can import password files from over 45 other password managers, including 1Password, Bitwarden, Dashlane, LastPass and RoboForm. KeePass also imports passwords from Chrome and Firefox web browsers.
Move your database
The databases are not stored in the cloud, so you need to move KeePass with you. Back to classic methods, since you have to copy your program onto a storage medium such as a USB key and install it on the new device (it’s much faster than you think) to find all the codes.
KeePass on Smartphone and Mac
KeePass was designed for Windows, we quickly understand this. To install the software on macOS, you must first have Mono, a compatibility layer with Microsoft .NET. Everything is provided on the Keepass.Info website.
The software has no official version on smartphones. However, since the program is free, with open source code, numerous derivatives have been developed and made available free of charge in the same spirit as KeePass.
A list of apps compatible with KeePass – for transferring passwords – is available from the “Download” tab on the software website. Among the best known: KeepassDroid, KeePass2Droid, KeePassDX or even KeepShare for Android smartphones and KeePassium for the iPhone. Other alternatives are available.
The main features of KeePass
KeePass generates and stores your passwords for free. For the rest, you will have to rely on tutorials and plugins to discover and add new features.
| Expected functionality | Answer |
|---|---|
| Is there a free offer? | ✓ |
| Does it manage and store sensitive and personal documents (ID, credit card, etc.) | ✓ |
| Does it automatically fill out forms, including on mobile? | X |
| Can I import browser passwords? | ✓ |
| Can I import passwords from competing password managers? | ✓ |
| Does it analyze password strength and recurrence? | ✓ |
| Is the password manager secure with two-factor authentication (2FA)? | ✓ (to download) |
| Is it possible to share passwords and data with third parties? | X |
| Does it alert in case of password leak? | X |
Who is the KeePass manager for?
KeePass can be recommended to two types of users:
- An Internet user who is only looking to store a few passwords in a safe place, to bring them out from time to time when the opportunity arises: to connect to taxes, to Social Security or to open a sensitive file on his PC, For example.
- A specialist who has the time to personalize and improve his password manager, in order to have a tailor-made tool.
We understand why KeePass has survived the years. The tool simply organizes your accounts in a dashboard, but you shouldn’t expect much more. This is the price for a free service, remember.
How secure is KeePass?
All your passwords are stored in a single database encrypted using your master password. The AES 256-bit encryption standard is renowned for being unbreakable. You benefit from the same level of security as banks, governments and defense companies. KeePass encrypts your data every time it passes between your device and its servers.
KeePass is available in two versions, KeePass 1.x and KeePass 2.x, each with two encryption algorithms (AES + Twofish or ChaCha20).
However, if a keylogger – software that records everything typed on the keyboard – is installed without your knowledge, the criminal will be able to know your combinations. Note that this applies to many password managers.
How much does a KeePass subscription cost?
None ! The KeePass subscription does not exist. This free software is free to use.
Subscribe to Numerama on Google News so you don’t miss any news!