There is no substitute for a long, complex, hard-to-guess password made up of numbers, letters, and symbols. You also need to use unique passwords for each and every site you visit. But how do you remember a different password for every account? Well, the answer is to use a password manager.
There are so many password managers on the market to choose from. In this guide, we will be looking at KeePass, which is a very popular – and free – password manager. We will see how it compares to other password managers and what features it offers to users.
This KeePass review will answer the following questions:
- Is KeePass safe and secure?
- What features are included?
- Can it be used by beginners and experts alike?
- How much does KeePass cost?
You can find my review summary below for a quick overview of KeePass. If you want more detail, keep reading for the full analysis.
KeePass review summary
KeePass includes many essential and useful features that are great for overall security and functionality. The interface is a bit outdated, especially when compared to other reputable password managers on the market. This makes it less aesthetically pleasing and less intuitive to use.
However, given that this password manager is completely free, we can’t complain. The fact that it’s open-source is also a plus, as we appreciate this kind of transparency.
KeePass features
Not quite as slick as a commercial password manager, KeePass gathers much deserved praise over the way in which it generates and stores encryption keys locally, and the fact that it does not store your passwords on a centralized database that could be susceptible to hacking.
As an open-source program, it is, as already mentioned, free. But in its most basic form, it is only compatible with the Windows platform. And for the vast majority of you, that won’t be a problem.
If, however, you are using Linux or OS X there is an alternative in the form of KeePassX and iOS users are catered for with iKeePass. Android users need not feel left out either as Keepass2Android has been designed to take care of their needs.
Each of these alternatives to the main Windows version falls out of the scope of this article though so be sure to let us know via the comments if you want more info on any of them and we’ll see what we can do to help.
It’s worth highlighting that KeePass offers a wide variety of features, which is impressive, given that the password manager is free.
Here are some of the best features of KeePass:
- KeyPass supports the Advanced Encryption Standard (AES) and the Twofish algorithm
- Portable and no installation required
- The ability to export to various formats, such as TXT, HTML, XML, and CSV
- Import passwords from many file formats
- The ability to create, modify, and delete groups which passwords can be sorted into
- Multi-language support, with over 45 languages available
- Strong random password generator
Security and privacy
The fact that KeePass is open source means its code is up for scrutiny by anyone who cares to look at it. Given the number of gifted coders using such software, that means there is a good chance that any vulnerabilities will not only be spotted but spotted quickly.
Encryption presents itself as a double-edged sword with this password manager – its end-to-end nature means the only person who will ever know your master password is you. The advantage of this is that no one will ever be able to access your password database unless you choose to divulge that password. On the flip side, if you ever forget your own master password you’re in trouble – there is no recovery option.
The AES encryption algorithm is encouraging as this is what the US federal government uses to encrypt top-secret information. The National Security Agency (NSA) also approves its use. AES encryption is practically uncrackable. A hacker, using any available computing power at the moment, won’t be able to deliver a brute-force attack to find out your passwords.
The wide array of plugins that can be added to KeePass allow for a wide range of additional security features to be added including, for example, software keyboards which are an excellent defense for anyone concerned about the possibility of a keylogger being installed on their system.
Functionality
As mentioned earlier, KeePass’ interface looks quite outdated, and for this reason, it does not always feel intuitive or simple to use. Other major password managers that we review tend to have a more modern, updated interface.
Nonetheless, you get what you pay for. And since in the case of KeePass, you pay nothing and will never have to, a basic, bare-bones user interface is understandable. In spite of its appearance, KeePass does actually include a number of useful features that help to enhance a user’s experience.
Firstly, you can carry KeePass on a USB stick, making it super portable. It can also run on Windows without being installed, which is a nice time-saver. We like that you have the option to create groups for your passwords, as this will help you to organize the different types of passwords you use and be able to easily find them.
The fact that so many languages are supported ensures that most users around the world will be able to use this software. The problem with other password managers is that the number of languages they support is more limited.
KeePass pricing
There’s very little to say about KeePass pricing. Why? This password manager is completely free. Therefore, the price is $0.
KeePass conclusion
Drawing a conclusion on the usefulness and effectiveness of KeePass is a tricky proposition because of its open-source nature.
As previously mentioned, that has its advantages in terms of security, something that is further enhanced by the inclusion of end-to-end encryption and a lack of a centralized database. These are excellent plus points.
What’s good
- Its open-source nature lends itself well to security
- It offers end-to-end encryption
- The default encryption method uses a strong AES-265 cipher with SHA-256 hash authentication
- A wide range of plugins are available which can add browser integration and many other features
- A comprehensive FAQs and community support are strong
- Did I mention it’s free?
What’s not so hot
- The user interface is one of the less welcoming I’ve seen – non-technical users may feel intimidated by it. It is nowhere near as polished as a commercial password manager.
- The aforementioned browser integration cannot be achieved as seamlessly as with other password managers.
- Adding in other plugins isn’t as straightforward as it perhaps could be.
- Two-factor authentication (2FA) is not included, which many password managers feature. This helps to add an extra layer of security, preventing a hacker from accessing your KeePass account even if they discovered your master password.
Overall, however, KeePass does a sterling job of keeping your passwords secure and there are few, if any, password managers that can beat it on that front.
You can try it for free and make your own mind up, safe in the knowledge that you will have lost nothing but your time if you discover it’s not for you.
Alternative password managers
If you do decide to pass on KeePass based on some of the above issues or a dislike for it after trying it out, please do go with an alternative such as:
Other tools to enhance your security
Using a password manager is crucial for protecting your online security, but it shouldn’t be the only step you take in this regard. To prevent malicious hackers from compromising your accounts and sensitive information, you should consider supplementing a password manager with the following tools:
Methodology: How we tested KeePass
Testing KeePass very much involved a hands-on approach. We didn’t just regurgitate tests of this provider from other tech websites. Our tests essentially covered three main areas: features, effectiveness, and trustworthiness. Let’s summarize how we tested these in turn.
Features
When we used KeePass, we looked at the kinds of features that were included in this free password manager. We made a note of the crucial features that came with it, as well as those that were missing and which we thought should’ve been included. We also pointed out any additional features that might be helpful from a security or functionality standpoint, or which we would consider a nice bonus.
Effectiveness
We made a judgment call about the effectiveness of KeePass in different ways. We tried to see how effective this provider was from a security standpoint. This meant making sure that KeePass had a strong encryption algorithm in place, as well as checking for features like 2FA and biometric authentication. We also spent time using the main features of Dashlane, so we could inform you whether they delivered the promised results and if the interface was simple and easy to use.
Trustworthiness
Finally, we decided whether or not we could rate KeePass well in terms of trustworthiness. This involved seeing how transparent the provider was about what it promised users, as well as how reliable and helpful their customer support was.
Here is a full description of our testing methodology for password managers.
All KeePass reviews
All Star KeePass reviews
All KeePass positive reviews
All KeePass critical reviews
All related KeePass reviews
See all reviewsIt’s good, i’d suggest it to people, but there is one single thing i have serious problem accepting as a user. It does not have a predefined email field in an Entry! From what i’ve read in older posts, for some reason having to do with compatibility and design issues, the developers refused to add an email field.
Nowadays, the vast percentage of entries in a password manager contain an email field, it’s a must. Denying its existence is a no-no, for me at least. You have the option of adding a custom field if you wish but it is far from convenient since you must manually add it in every entry you enter and there is probably no way for an import process to utilize this field.
I’ve been using KeePass for many years and have never had any issues with the software. I use a Key File which I don’t store on any device which adds an additional layer of protection.
Working on Ubuntu, MS Windows and Android I was desperately seeking for a password manager that can save me the work of redundantly managing my (quite dynamic) password databases. Tried out several password managers and eventually decided to use Keepass. Now I maintain only one database on my local NAS server and each platform tailored version of Keepass uses this one database. I kept the database far from WAN for security reasons, which is not a problem because Keepass works with a local copy of the database. Once back in my own private network it only needs to synchronize if any mutations has been performed. Great comfort!
KeepassXC is a much better product. Fork of Keepass but there are actual developers doing actual improvements. UI is a 1000x better and it works so awesome. Of course source code is open source. KeepassXC has made Keepass actually usable.
Be aware, this application can cause you to loose all your passwords. I changed my password to something new, then got locked out because it would not respond to either the old password of the new one! Lot of lot time! Bad bug. And yes, I’m VERY SURE what the new password was.
A SW engineer who has difficulties using it?! I have used Keepass now for years and find it very easy to use. No bells and whistles as some of the others but it works like a charm, and that’s all I need.
I think KeePass is very easy to use, very logical and love the clutter free interface. I have tried others but always come back to KeePass. I use it on Windows but mostly on Android and IOS. It syncs with no problem at all.
I use Keepass and have done so for some considerable time. I find it dead easy to use and also very intuitive, perhaps it is my warped twisted brain but I cannot see what problems the reviewer is referring to. Only issue I have is in porting it across to another device, I succeeded eventually but struggled for a while to get the program on the second device to import the database.
I use it but hate it. One of the most unintuitive pieces of software I’ve ever used (and I’ve been sw engineer for 25 years). Still it’s free and it does work if you’re patient enough to jump thru all the hoops needed to get it running. It just makes me wonder what the designers were thinking when they designed the interface. Nothing is where it should logically be.