KeePassXC 2.6.0 Released

249 points | varjolintu | 5 years ago | keepassxc.org

174 comments

[+] preek|5 years ago|reply
I've been using KeePassXC ever since switching from OSX to Debian Linux. On OSX, I used 1Password and have been an advocate for years.

However, after being forced to upgrade (and pay again) multiple times due to API changes, and the integration stopped working with various browsers, I wasn't a happy customer anymore. KeePassXC works just as good, if not better. I'm using it on Debian, with browser extensions and on iOS (and sometimes even on my old Macbook Pro on OSX). Being FOSS, I'm not afraid anymore that stuff will stop working at some point, because some proprietary API is deprecated.

[+] cies|5 years ago|reply
You might want to check out BitWarden. A FOSS server exists (even one in Rust, iirc) and there are opensource clients as well (browser plugins maintained by BitWarden). This system is "zero knowledge", the server does not get to see the passwords in normal operation (it does in case of imports, which I think is a huge security flaw one can mitigate by not importing).

Another thing: Keepass(XC) became a snap package on recent Ubuntus. If there's one piece of software I don't want to be a snap package it is this tool. It gets slow, ugly and hard to find (in a process tree). This is the last piece of software I want to run in snap.

[+] mapgrep|5 years ago|reply
How do you sync to iOS? Sync issue caused me to switch from KeePassXC on Linux to browser based 1Password there. Not thrilled to use browser crypto but sending passwords to myself via Signal was getting old.
[+] siraben|5 years ago|reply
KeePassXC + Nextcloud has supplanted any other password manager for me for the last two years. The OTP integration is great as well.
[+] galacticdessert|5 years ago|reply
Same here, the setup is working great

I use Keepass2Android, which works great with Nextcloud and handles very well offline usage and subsequent merge of the database. On iOS the experience is much worse: I use KeePassium but it does not connect natively to Nextcloud, so I use BoxCryptor for that. The downside is that if Nextcloud is unreachable, I cannot see my saved passwords. Anyone managed to have a good experience on iOS?

[+] berkes|5 years ago|reply
Isn't "integrated 2fa" defeating the purpose, though?

I find the 2fa should be separate, even on a separate device, from the password store.

Which is why I never use this OTP/2FA feature in my favorite password manager Bitwarden.

[+] nicolaslem|5 years ago|reply
For me the winning combo is KeePassXC + Syncthing.
[+] majkinetor|5 years ago|reply
NextCloud actually has an awesome plugin, named Passwords. You get everything major players have for free and it's simply awesome. You also get team communication (add LDAP/AD to it), REST API, folders, automatic icons etc.
[+] room505|5 years ago|reply
I've been using the original KeePass for a long time. I'm an architect, not a coder/software developer. So my question is a bit naive on this forum, but why is KeePass 10mb installed and KeePassXC 108mb if they do the same thing? I like that KeePass has plugins that I can tailor to my needs. Does KeePassXC make the same security software changes as KeePass? I forgot one more question, can I use KeePass2Android if I switched?
[+] jwigg|5 years ago|reply
- the size difference is because KeePass offloads a lot of work to the .Net framework, and in contrast KeePassXC does that same work itself.

- I'm not positive I'm understanding your question, but KeePassXC takes security just as seriously as the original KeePass does

- Yes, you can use KeePass2Android, or any other KeePass compatible software. KeePass and KeePassXC use exactly the same database format

[+] varjolintu|5 years ago|reply
The size of KeePassXC application is the following (inspecting macOS version here):

- Binaries itself = 9,1M

- Plugins (styles, icon engines etc) = 12M

- Resources (icons, documentation, translations) = 15M

- Libraries (Qt, crypto, Yubikey etc.) = 38M

[+] mytdi|5 years ago|reply
> can I use KeePass2Android if I switched?

Yes you can. Another Android app that is also compatible with the same database is KeePassDX.
[+] delfinom|5 years ago|reply
I've used the original KeePass for a long while but find KeePassXC just more likable. And in general, even the OTP support is brilliant.
[+] jeltz|5 years ago|reply
I suspect it is all dependencies because on Linux KeepassXC 2.5.4 itself is only 14.5 MB.
[+] SamuelAdams|5 years ago|reply
Hi there, I have a genuine question about your comment and I apologize if this comes across as attacking, that is not my intent at all.

> why is KeePass 10mb installed and KeePassXC 108mb

Why does the file size matter? Are the devices you use so short on storage that an extra 100 mb is an issue? Obviously if it was something like 50 GB then yes, that makes sense but in general most HDD's and devices have GB's of empty space.

[+] rburhum|5 years ago|reply
I am assuming there are ways to turn off health checks to “Have I Been Pwned”. I never want my local password manager to do outcalls for any reason...
[+] trabant00|5 years ago|reply
Another option you should consider: https://www.passwordstore.org/

It's just a bash script that used gpg and git. I find it the most KISS solution. Not available on phones but I don't trust my phone with my secrets anyway.

[+] the_svd_doctor|5 years ago|reply
How trusted are the iOS/Android apps compared to the "mainstream" desktop clients like KeepassXC? I'm a bit wary of downloading a "random client" from the App Store. Are those audited/trusted as much?
[+] ilitirit|5 years ago|reply
Does anyone know if the browser integration is similar to/better than Lastpass or Bitwarden? Does it even have browser integration?
[+] Sander_Marechal|5 years ago|reply
Word of warning: Don't use KeePassXC when your co-workers use KeePass2 using a network drive. KeePassXC doesn't support KP2's sync protocol. You'll clobber other people's changes when you save using XC. It took us a few weeks before we noticed that many passwords were missing.
[+] i_am_proteus|5 years ago|reply
KeepassXC with the .pdb synced with git and locally-distributed .key files has been my go-to for years. I don't use browser extensions.
[+] elric|5 years ago|reply
While we're on the subject of password managers ... I'm still looking for one with decent multi-user & group support, with audit trails, which is self-hosted. Bitwarden sounded promising, but I'm put off by their MS based stack and their pricing model. Any other recommendations would be greatly appreciated.
[+] mwexler|5 years ago|reply
Thoughts on comparing this to bitwarden? Pros, cons?
[+] awill|5 years ago|reply
Years ago I used KeePassX. It became stale, ugly, and didn't have a good Android app. KeePassX then moved to .NET, and didn't work well on Linux, so I looked around. I settled on enpass as it was a paid app without a subscription, and with your choice of sync/backup. Enpass has excellent desktop/mobile apps with sync using your choice of cloud service. I'm very happy with it.
[+] 120photo|5 years ago|reply
I actually just finished moving from 1Password to Enpass. KeePassXC was in the mix and is nice but what killed it for me was the lack of credit card / template support. Did not like the 1Password move from offline storage to online sync. You can buy a license but it is about $70 or so per platform. Enpass desktop is free and I can sync to my Synology using WebDav. That all said, I really hope KeePassXC vastly improves because I would love love love to use as much OSS as I can.
[+] fgonzag|5 years ago|reply
Another satisfied enpass customer here, also switched from KeePass.

Great multi platform support, browser integration, webdav support (makes sync a breeze if you have a webdav server like owncloud, seafile, or a Synology Nas)

[+] qwerty456127|5 years ago|reply
Why do people insist on putting everything, even passwords, in folders? I find categorizing files, let alone passwords, into a strict taxonomy a particularly hard job of questionable usefulness.

It would be much handier if we could just tag the records with a number of tags + add a description and/or comment rather than put it in a folder. I always use search rather than manual folder tree navigation anyway.

[+] eric1293|5 years ago|reply
How does Keepassxc compare to other password managers (passwordstore with gpg-agent/gnome keyring, 1password, Bitwarden, etc) in terms of protecting secrets when the vault is unlocked?

For example, part of data may be held unencrypted in RAM that could be read by OS or other programs. Any use of TPM?

[+] virgilp|5 years ago|reply
Wait, so there's Keepass, KeepassX and KeepassXC? I understand the X is cross-platform (initially was linux-only) whereas presumably Keepass is win-only; but what's the "community fork" for? Why not improve KeepassX? And why don't KeepassX and Keepass merge now?
[+] delfinom|5 years ago|reply
Keepass 1 is .NET Framework based. Keepass 2 is .NET Framework and has a Mono build of varying success. 1 and 2 are the originals and still actively developed.

KeepassX has stalled development since 2016 but was a true cross platform desktop client

KeepassXC is the fork of X and at this point in time is lightyears ahead of X.

I'm sure the developers of XC may have wanted to contribute to X but X seems to have been spearheaded by a single developer who stalled on letting other devs become maintainers. So the community forked it.

But to answer the question, it's impossible to merge X and the original because their code bases are in entirely different languages and arguably X doesn't give you anything than the one man dev show.

[+] gigababe|5 years ago|reply
I used to use KeePass and KeePassXC for years at a time, but the amount of time I have saved not having to mess with syncing issues more than makes up for the ~$30 a year for 1password that always works across windows, linux, ios and mac.
[+] amedvednikov|5 years ago|reply
Is it better than KeePassX?