Security Review: Free password manager KeePass

If you’re anything like the average Internet user, you have at least 10 different online accounts – all with their own password. Sure, you might re-use the same passwords here and there, but you still need to remember which one goes with which site.

Thankfully there are lots of great password managers around to help you. However, most come with a fee. And they’re also run by for-profit organizations, which you might prefer not to trust with your data.

Surely there must be a totally free, open-source option available instead?

Well, yes there is. KeePass describes itself as a “free, open source, lightweight and easy-to-use password manager” for Windows. Its certified by the Open Source Initiative (OSI), and it encrypts your passwords using the most secure encryption algorithms out there (AES and Twofish).

So how good an alternative is KeePass to the premium paid password managers you may have already tried? Here’s the ExpressVPN review.

What does KeePass do?

KeePass creates an encrypted database file on your computer. You add the login details for all of your favourite sites to this database, and access with a single master password – just like other password managers. KeePass can also generate secure passwords for you.

The difference with KeePass is you have to manually copy and paste passwords when saving or using them. Your password database is also stored on your own computer, instead of in the cloud. There’s no auto-syncing between devices.

If you need to access your KeePass passwords on multiple computers, you can store your database in Dropbox. You’ll then need to download it on each new computer, along with a copy of KeePass. It’s not as convenient as the auto-syncing features offered by premium services, but at least your data isn’t being behind a pay-wall.

It’s Windows-only… kind of

keepass logo

Right now, the only official version of KeePass is for Windows computers. However, there’s also an unofficial, cross-platform version called KeePassX. It’s still in the alpha stage of development, but KeePassX works with Windows, Linux and Mac OS X too.

How easy to use is KeePass?

keepass screenshot

Compared to premium password managers like 1Password and Dashlane, KeePass is pretty old-school. In fact, it’s reminiscent of old Windows 3.1 and Windows 95 programs, in that when you start the program you’re presented with a sparse grey window that says, “Welcome!” That’s it – there’s no tour or tutorial built in.

It’s not too hard to work out that you need to create a database, set a master password and save your various login details. KeePass probably isn’t for computer novices, though.

There’s a distinct lack of modern features too. With other password managers, you get a browser extension and mobile app to make logging into your sites easy. You can’t really use KeePass on smartphones or tablets.

How secure is it?

KeePass puts you firmly in control of your passwords. It uses trustworthy encryption standards to protect your data, and only your master password can unlock it. So as long as you keep your master password safe, your passwords should be fine – even if someone steals your database.

Verdict: KeePass keeps you in control

Compared to the flashier password managers around, KeePass is weak on usability and speed. But if you want a free, open-source solution and you don’t mind being tied to your desktop, KeePass could be your answer.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>