There is no substitute for a long, complex, hard-to-guess password made up of numbers, letters, and symbols. You also need to use unique passwords for each and every site you visit. But how do you remember a different password for every account? Well, the answer is to use a password manager.
There are so many password managers on the market to choose from. In this guide, we will be looking at KeePass, which is a very popular – and free – password manager. We will see how it compares to other password managers and what features it offers to users.
This KeePass review will answer the following questions:
- Is KeePass safe and secure?
- What features are included?
- Can it be used by beginners and experts alike?
- How much does KeePass cost?
You can find my review summary below for a quick overview of KeePass. If you want more detail, keep reading for the full analysis.
KeePass review summary
KeePass includes many essential and useful features that are great for overall security and functionality. The interface is a bit outdated, especially when compared to other reputable password managers on the market. This makes it less aesthetically pleasing and less intuitive to use.
However, given that this password manager is completely free, we can’t complain. The fact that it’s open-source is also a plus, as we appreciate this kind of transparency.
Not quite as slick as a commercial password manager, KeePass gathers much deserved praise over the way in which it generates and stores encryption keys locally, and the fact that it does not store your passwords on a centralized database that could be susceptible to hacking.
As an open-source program, it is, as already mentioned, free. But in its most basic form, it is only compatible with the Windows platform. And for the vast majority of you, that won’t be a problem.
If, however, you are using Linux or OS X there is an alternative in the form of KeePassX and iOS users are catered for with iKeePass. Android users need not feel left out either as Keepass2Android has been designed to take care of their needs.
Each of these alternatives to the main Windows version falls out of the scope of this article though so be sure to let us know via the comments if you want more info on any of them and we’ll see what we can do to help.
It’s worth highlighting that KeePass offers a wide variety of features, which is impressive, given that the password manager is free.
Here are some of the best features of KeePass:
- KeyPass supports the Advanced Encryption Standard (AES) and the Twofish algorithm
- Portable and no installation required
- The ability to export to various formats, such as TXT, HTML, XML, and CSV
- Import passwords from many file formats
- The ability to create, modify, and delete groups which passwords can be sorted into
- Multi-language support, with over 45 languages available
- Strong random password generator
Security and privacy
The fact that KeePass is open source means its code is up for scrutiny by anyone who cares to look at it. Given the number of gifted coders using such software, that means there is a good chance that any vulnerabilities will not only be spotted but spotted quickly.
Encryption presents itself as a double-edged sword with this password manager – its end-to-end nature means the only person who will ever know your master password is you. The advantage of this is that no one will ever be able to access your password database unless you choose to divulge that password. On the flip side, if you ever forget your own master password you’re in trouble – there is no recovery option.
The AES encryption algorithm is encouraging as this is what the US federal government uses to encrypt top-secret information. The National Security Agency (NSA) also approves its use. AES encryption is practically uncrackable. A hacker, using any available computing power at the moment, won’t be able to deliver a brute-force attack to find out your passwords.
The wide array of plugins that can be added to KeePass allow for a wide range of additional security features to be added including, for example, software keyboards which are an excellent defense for anyone concerned about the possibility of a keylogger being installed on their system.
As mentioned earlier, KeePass’ interface looks quite outdated, and for this reason, it does not always feel intuitive or simple to use. Other major password managers that we review tend to have a more modern, updated interface.
Nonetheless, you get what you pay for. And since in the case of KeePass, you pay nothing and will never have to, a basic, bare-bones user interface is understandable. In spite of its appearance, KeePass does actually include a number of useful features that help to enhance a user’s experience.
Firstly, you can carry KeePass on a USB stick, making it super portable. It can also run on Windows without being installed, which is a nice time-saver. We like that you have the option to create groups for your passwords, as this will help you to organize the different types of passwords you use and be able to easily find them.
The fact that so many languages are supported ensures that most users around the world will be able to use this software. The problem with other password managers is that the number of languages they support is more limited.
There’s very little to say about KeePass pricing. Why? This password manager is completely free. Therefore, the price is $0.
Drawing a conclusion on the usefulness and effectiveness of KeePass is a tricky proposition because of its open-source nature.
As previously mentioned, that has its advantages in terms of security, something that is further enhanced by the inclusion of end-to-end encryption and a lack of a centralized database. These are excellent plus points.
- Its open-source nature lends itself well to security
- It offers end-to-end encryption
- The default encryption method uses a strong AES-265 cipher with SHA-256 hash authentication
- A wide range of plugins are available which can add browser integration and many other features
- A comprehensive FAQs and community support are strong
- Did I mention it’s free?
What’s not so hot
- The user interface is one of the less welcoming I’ve seen – non-technical users may feel intimidated by it. It is nowhere near as polished as a commercial password manager.
- The aforementioned browser integration cannot be achieved as seamlessly as with other password managers.
- Adding in other plugins isn’t as straightforward as it perhaps could be.
- Two-factor authentication (2FA) is not included, which many password managers feature. This helps to add an extra layer of security, preventing a hacker from accessing your KeePass account even if they discovered your master password.
Overall, however, KeePass does a sterling job of keeping your passwords secure and there are few, if any, password managers that can beat it on that front.
You can try it for free and make your own mind up, safe in the knowledge that you will have lost nothing but your time if you discover it’s not for you.
Alternative password managers
If you do decide to pass on KeePass based on some of the above issues or a dislike for it after trying it out, please do go with an alternative such as:
Other tools to enhance your security
Using a password manager is crucial for protecting your online security, but it shouldn’t be the only step you take in this regard. To prevent malicious hackers from compromising your accounts and sensitive information, you should consider supplementing a password manager with the following tools:
Methodology: How we tested KeePass
Testing KeePass very much involved a hands-on approach. We didn’t just regurgitate tests of this provider from other tech websites. Our tests essentially covered three main areas: features, effectiveness, and trustworthiness. Let’s summarize how we tested these in turn.
When we used KeePass, we looked at the kinds of features that were included in this free password manager. We made a note of the crucial features that came with it, as well as those that were missing and which we thought should’ve been included. We also pointed out any additional features that might be helpful from a security or functionality standpoint, or which we would consider a nice bonus.
We made a judgment call about the effectiveness of KeePass in different ways. We tried to see how effective this provider was from a security standpoint. This meant making sure that KeePass had a strong encryption algorithm in place, as well as checking for features like 2FA and biometric authentication. We also spent time using the main features of Dashlane, so we could inform you whether they delivered the promised results and if the interface was simple and easy to use.
Finally, we decided whether or not we could rate KeePass well in terms of trustworthiness. This involved seeing how transparent the provider was about what it promised users, as well as how reliable and helpful their customer support was.
Here is a full description of our testing methodology for password managers.