KeePass Review 2024: Is It a Good Password Manager?

Our Score
6.4
DECENT
Ranked 39th out of 50 password managers
Ranked 39th out of 50 password managers
Updated on: September 14, 2024
Fact-checked by Sam Boyd
Marlene Baiton
Marlene Baiton
Published on: September 14, 2024 Editor
Fact-checked by Sam Boyd

KeePass Review: Quick Expert Summary

KeePass is a secure open-source password manager that’s completely free. It encrypts and stores your passwords on your device rather than on cloud servers, which is great for security-conscious users who prefer to have full control over their login credentials.

However, KeePass lacks many features you’d expect from a top password manager, such as password auto-saving and auditing, password sharing, dark web monitoring, and a native mobile app (only third-party apps are available). It also doesn’t offer many two-factor authentication (2FA) options like biometric login, which my favorite password managers like 1Password and Dashlane both include.

KeePass is also VERY difficult to use. It doesn’t auto-save passwords, and auto-filling is really clunky and unreliable. The top password managers like 1Password make auto-saving and auto-filling super user-friendly — it’s the main reason most people use a password manager in the first place.

Overall, I think there’s little reason to use KeePass when there are so many better password managers available. If you’re an advanced user, and having an open-source or free password manager is more important to you than usability or features, then KeePass is a decent, secure option, but personally, I’d just go with Bitwarden instead. For everyone else, I suggest using one of the best password managers on the market — they’re easier to use and offer far superior overall security.

🏅 Overall Rank #39 out of 50 password managers
🔐 Encryption 256-bit AES
🎁 Free Plan Unlimited passwords
💸 Pricing Free
💰 Money-Back Guarantee N/A
📀 Operating Systems Windows, Android, Mac, iOS, Linux, (Android, iOS — unofficial ports)

KeePass Full Review — Limited Features & Frustrating to Use

KeePass Full Review — Limited Features & Frustrating to Use

KeePass is a secure password manager that offers very limited features. It’s free to use, and security-conscious users will appreciate that it’s completely open-source — anyone can inspect its code for security issues. However, this isn’t a good enough reason to choose KeePass over much better competitors, including Bitwarden, which is also open-source but far superior to KeePass.

Apart from having limited features, KeePass is also very frustrating to use — it lacks a lot of basic functionalities like auto-saving your passwords, and the available features are too complicated to set up for most people. For example, password sharing relies on using a shared database. Setting this up involves several steps, but it doesn’t guarantee security since anyone with access to the database can see your passwords. I’d honestly rather just use a password manager that has a full-fledged sharing feature, like 1Password and Dashlane.

Despite being difficult to use, KeePass might be an appealing option for tech-savvy users who prefer setting up their password manager manually and don’t mind the unintuitive interface and functions.

KeePass Plans & Pricing — It’s Completely Free

While KeePass is free, there are many better, more user-friendly alternatives, such as Dashlane and RoboForm. You could also try a premium password manager with a full range of features, including dark web monitoring and advanced security options, such as 1Password.

KeePass 1.x KeePass 2.x
Price Free Free
Installation needed
Portable (USB) version
Encryption AES/Rijndael, Twofish AES/Rijndael, ChaCha20 (and with plugins: Twofish, Serpent, GOST, …)
OTP
Key file
Auto-type
Biometric authentication

(Windows Hello via plugins)

File attachments

(1 per entry)

(multiple per entry)

Password history
Sync

KeePass Security Features — Open-Source Local Password Storage, but It’s Not Intuitive

KeePass Security Features — Open-Source Local Password Storage, but It’s Not Intuitive

KeePass provides solid security. It’s a “self-hosted” password manager — which means your password vault is stored locally on your device, rather than a cloud server. This setup ensures protection against server-level hacking threats. However, since your password database exists solely only on your device, you should have an antivirus program like Norton to prevent it from being the weakest link in your online security.

KeePass also encrypts your data with the unbreakable 256-bit AES encryption standard. This is standard for every password manager we recommend, and it means you get the same level of security that banks, governments, and security agencies use. KeePass encrypts your data any time it passes between your device and its servers.

KeePass has one of the most customizable password generators on the market. It lets you generate passwords up to 30,000 characters long — which is way higher than most top competitors.

I really like that KeePass gives you a lot of flexibility, allowing you to select the types of characters to include in your passwords. You can choose from uppercase and lowercase letters, digits, special characters, spaces, different types of brackets, and even Latin characters.

Plus, KeePass supports custom characters — you can manually add specific characters you want to include in your passwords if they’re not provided by default. For example, if you want, you can add characters from outside the Roman and Latin alphabets. You can also provide a pattern that KeePass uses as the foundation for your passwords.

KeePass Security Features — Open-Source Local Password Storage, but It’s Not Intuitive

However, like most things about KeePass, its password generation features aren’t the most user-friendly. In order to generate a password, you have to manually launch the generator every time. Unlike Dashlane and 1Password, it’s not possible to generate passwords on the go with a browser extension, which is disappointing and time-consuming.

KeePass doesn’t offer any account recovery options either — you’ll have to set up a new account from scratch if you forget your master password. This can be very inconvenient, especially as competitors like LastPass have very safe account recovery options that mitigate the risk of losing all your passwords.

The best thing about KeePass is that it’s completely free and open-source — security experts have inspected its code, and anyone can check the source code to confirm its legitimacy. However, this is also possible on Bitwarden, another free open-source password manager that offers much better security features than KeePass.

KeePass’s main 2FA option includes secure key files stored on your devices. Your keyfile can be used in combination with your master password to provide a secure login for your account and prevent bad actors from accessing your KeePass vault if they steal your master password.

Other than keyfiles, KeePass allows you to connect your password database with a specific Windows user account, meaning your password vault will only be accessible if you’re logged into a Windows user account that KeePass recognizes.

KeePass Security Features — Open-Source Local Password Storage, but It’s Not Intuitive

Unfortunately, the default KeePass app doesn’t include more intuitive 2FA options like time-based one-time passwords (TOTP) and biometric verification, which top competitors like Dashlane and 1Password offer. That said, it’s possible to set up TOTP authentication with KeePass using one of the many third-party plugins available. But this is not an ideal solution — it requires extra steps that the top password managers don’t require.

While the core KeePass app is fairly limited, there are over 100 plugins for KeePass that add more features. Broadly speaking, these plugins allow you to add functions like account backup, database syncing with various cloud service providers, password auditing, browser integrations, and other utilities.

The plugins give you a lot of flexibility to customize your core KeePass app. But considering that the best password managers like 1Password, Dashlane, and Keeper have most of these basic and advanced features built into their core apps, adding plugins for KeePass can quickly become frustrating. This flexibility can also complicate its use. While the core KeePass app has very basic features, it’s secure and regularly updated — the same can’t be said for many plugins. These are often outdated, leading to potential security vulnerabilities.

KeePass Ease of Use & Setup — Very, Very Complicated

KeePass is one of the most challenging password managers I’ve ever used. While installing the app is easy enough, things quickly become complicated from that point on.

Unlike its top competitors like 1Password, Dashlane, and LastPass, KeePass doesn’t offer any in-app instructions for its settings, such as how to import passwords from other apps. There is a help center with lots of useful guides, but you have to navigate to it any time you need instructions.

To add new passwords, KeePass requires you to manually create new entries or import a spreadsheet (CSV file) of passwords from other password managers. Although the interface for the import option isn’t very intuitive, the feature works as intended.

The most frustrating thing about KeePass is that it doesn’t store new entries automatically. My favorite password managers, 1Password and Dashlane, capture any new logins you create and add them to your vault instantly. With KeePass, you can only add new passwords manually, which is too inconvenient.

KeePass Ease of Use & Setup — Very, Very Complicated

Even worse, KeePass won’t auto-fill login forms for you. Instead, you have to copy the login details from your database and paste them into the login form manually. Another option for filling out passwords is to use KeePass’s Auto-Type feature. Auto-Type simulates keyboard presses to automatically fill out the username and password you need. However, you still have to look for the password entry in your database, right-click it, and select the Auto-Type option for this feature to work. And even then, it failed frequently in my tests, especially when the login form was split into multiple steps. This is unbelievably cumbersome, especially when all the best password managers auto-fill your passwords with complete ease.

There are multiple Android and iOS mobile apps for KeePass, but these are all unofficial ports made by third-party developers. These unofficial ports are more user-friendly than the main KeePass desktop app and even extend some built-in functionalities — the interface for KeePass2Android, for example, is refreshingly clean with a neat, modern feel.

I have to admit, I like KeePass’s unofficial mobile apps, but mainly because they’re free and relatively easy to use. I think these apps offer impressive improvements over the main desktop app. That said, it’s hard to recommend one because they’re all different, they’re built by third-party developers, and they often require plugins to access features that most password managers — like Dashlane and 1Password — provide right out of the box on their mobile apps.

For these reasons, I think KeePass offers one of the worst user experiences out of all modern password managers. Even if you’re tech-savvy like I am, it’s simply too frustrating to make it worthwhile just because it’s free and open source.

KeePass Customer Support — Good Help Center, but No Direct Support

KeePass, being open-source, only offers FAQs, documentation, and forums for user support. These channels feature extensive documentation for the KeePass application and its add-ons, explaining all the main functions.

KeePass has a really good help center. It explains its major features and includes guides on how to install the password manager on different devices. That said, the software is not super easy to navigate, so even with these guides, it might be challenging for those less tech-savvy.

KeePass Customer Support — Good Help Center, but No Direct Support

Regrettably, KeePass doesn’t provide live chat or email support — this isn’t great but it makes sense as it’s an entirely free, open-source program. Your sole avenues for help are the forums and the help center. On the other hand, top-tier brands like 1Password offer a wide range of support channels, including email help, social media interaction (via X/Twitter), a vibrant support community, and a comprehensive knowledge base.

Is KeePass a Good Open-Source Password Manager?

KeePass is a decent open-source password manager — it’s completely free and offers robust security. Sadly, the poorly designed user interface prevents it from making it into my list of top password managers.

There are some things that KeePass does really well. I like that it uses 256-bit AES encryption, which is also used by the best password managers on the market to keep your data safe. And the local-hosted setup for your password vault adds even more security.

But KeePass disappoints greatly in almost every other aspect. Its core app is quite limited, and you only get the bare essentials, like a password generator. If you need options like cloud syncing or password auditing, you have to install third-party plugins separately for each individual feature. And even with plugins, you won’t be able to get useful extras like password sharing (offered with most top password managers, like 1Password, Dashlane, and LastPass).

Most importantly, KeePass is incredibly difficult to use for non-tech-savvy users. It doesn’t autosave your logins, and the only thing close to an auto-fill feature is clunky and didn’t always work in my tests. The app is poorly designed, too, with no visual aids to enable quick navigation.

I only recommend KeePass if you’re specifically looking for an open-source password manager with a plugin framework and don’t mind going through extra steps to access basic password manager functions. But if you’re looking for a more user-friendly open-source password manager, Bitwarden is a much better option. It’s far easier to use and includes a broader range of premium password management features. For the best ease of use, however, my favorite password managers are 1Password and Dashlane.

Frequently Asked Questions

Can KeePass be trusted?

Yes, KeePass can be trusted — it’s a well-maintained password manager, and its source code has been checked for security by many independent developers in the open-source community. New software updates are regularly released for KeePass to make sure its security remains up-to-date.

Besides, KeePass uses industry-standard 256-bit AES encryption, which is the same encryption that premium password managers use to secure your data. In addition, KeePass works completely offline in a local-hosted environment on your devices, so it doesn’t store your data in the cloud where it could be potentially hacked.

However, there are many unofficial plugins for KeePass that are developed by third parties. These aren’t as closely monitored for security, and some haven’t been updated for many years. I strongly advise caution if you want to add plugins to KeePass to extend its limited functionality.

Plus, the features offered by third-party KeePass plugins are already built into most of the top password managers, including 1Password and Dashlane.

Can you get locked out of KeePass?

Yes, you can get locked out of KeePass if you forget your master password. KeePass offers no account recovery options. This means that your only option is to create an entirely new password database if you’re locked out of your previous one.

If you prefer having the option to recover your account, you can check out LastPass, which offers multiple account recovery options along with some top-notch features like password auditing and excellent ease of use.

Can KeePass be hacked?

Yes, KeePass can be hacked, like all other password managers. Some forms of malware can give hackers backdoor access to your computer, which can lead to your KeePass database getting exposed.

But since KeePass doesn’t store any data on the cloud, it’s not easy for bad actors to hack your account if your computer is well-protected overall. I recommend using a high-quality antivirus like Norton to remove any existing malware from your computer and stay safe from future infections. With a malware-free computer, it’s almost impossible for anyone to hack your KeePass account.

Are KeePass plugins safe?

KeePass plugins aren’t always safe. There are over 100 plugins available for KeePass, all made by different developers. As a result, don’t assume that any given KeePass plugin will be safe. The only way to make sure is to review the plugin’s code yourself.

If you don’t understand code, it’s safer to simply avoid installing any KeePass plugins. Unfortunately, this means you’ll be limited to the core KeePass app, which only provides basic functions and lacks many useful features.

Alternatively, you can choose a premium password manager like 1Password or Dashlane. These password managers provide “plug and play” functionality and include all the features you need right out of the box, without requiring any external plugins. They are trustworthy because millions of people use them successfully, and their servers have never been breached by hackers. Plus, they use advanced encryption, zero-knowledge architecture, and strong 2FA to ensure your passwords remain secure from any kind of threat.

KeePass Products & Pricing

KeePass Password Safe Free
$0.00 / year
Bottom Line

KeePass is a secure password manager that’s completely free to use, but it’s missing many industry-standard features and is very difficult to use. It gives you some flexibility, with a highly customizable password generator and the option to install plugins to add more functions. As an open-source program with local data hosting on your devices and strong encryption, it’s a decent solution for tech-savvy and security-minded users. Unfortunately, even basic actions like adding a new password or auto-filling a saved login are needlessly complicated compared to the best password managers. I don’t recommend KeePass for most users, even if you want an open-source password manager. In that case, go with Bitwarden, as it’s far superior and much easier to use. However, if you want a simple, secure, and convenient option, with a much wider range of features, go with a premium password manager like 1Password or Dashlane.

The listings featured on this site are from companies from which this site receives compensation and some are co-owned by our parent company. This influence: Rank and manner in which listings are presented. 
Learn more
About the Author

About the Author

Marlene Baiton is part of the editorial team at SafetyDetectives. She has a decade of experience as a writer and editor over a wide range of niches, from technology to fitness. As a hiking, running, and cycling enthusiast, she loves spending her free time out on the trails or roads with her family.

Password Managers Comparison

9.8
9.6
6.4
6.4
Check the top 3 alternative password managers
Our Score
9.8
Read Review
Our Score
9.6
Read Review
Our Score
9.4
Read Review
KeePass User Reviews

*User reviews are not verified

37 0
Based on 37 reviews in 5 languages 9.8
Language
You can trust the Community! Companies can't ask us to delete or change user reviews.
Bill de Haan
Bill de Haan
Canada
9.0
Happy user since 2003
Windows User
One of the reasons I've stuck with KeePass over the years was that it was the *only* password manager that (a) supported all the platforms I used (Windows, Linux, Android, IOS, Windows Phone, and Blackberry), and (b) it allowed for multiple database files.

That last bit cannot be underscored. I have a general password database that's on my phone, my tablet, my PC, etc. for all my non-critical passwords, like GMail, Outlook, and various websites. But I also have a dedicated database for my bank, my ProtonMail account, Amazon, etc. That database is only on my primary PC (which has rotating backups on encrypted media in locked safes).

What that means is that even if someone (1) stole my phone, and (2) cracked my Android phone security to...Show More
Cryptic Al
Cryptic Al
United Kingdom
10.0
I Love Keepass
Windows User
Granted, there's not a lot of handholding, but once you get over that, the possibilities are endless. I use it with the Kee Chrome plugin (also works with Brave) for storing and autofilling username and password fields.
I now have unique, complex passwords for every site I use, if one was to get compromised, all of my other accounts will be safe.
I also use the KeyOTP plugin to store 2FA / Google authenticator seeds which now get autofilled without messing around with my phone.
For Linux nerds, you can store your SSH private key and passphrase and use it with Pageant for seamless, passwordless access to servers via putty :)
Keepass blows everything else out of the water.
Xege Hah
Xege Hah
Pakistan
9.0
Keepass is best in security for password
Windows User
Keepass manage all passwords securily in encrypted in local device
Pakistan
10.0
Keepass is best in security for password
Windows User
Keepass manage all passwords securily in encrypted in local device
Snash
Snash
Canada
10.0
Pefection
Windows User
I haven't tried anything else. Why try when you know you have the best password software. I have looked at the so called "consumer" grade that friends us and turned them on to KeePass. After 5 minutes of a quick tutorial they will not go back to that other crap. hey even my wife uses it and she is as non techie as they come. So there you go!
Andrew Keating
Andrew Keating
Australia
10.0
KeepassXC, same but better
Linux User
Keepass is actually very easy to learn and the if you wish, use KeepassXC, they have a few improvements worth the shift.
L Jangel
L Jangel
United States
10.0
Love it!
iOS User
I’ve been using KeePass for years. I like the interface 90s feel and am tired of over stylized rounded button fluffy GUIs. The security is where it packs it’s punch. I copy my KDBX to OneDrive and then to my phone. Easy to do and I don’t have to second guess a cloud service having all my passwords and the risk of a service provider security breach.
Mindy
Mindy
Canada
10.0
Excellent UI
Windows User
I don't understand the hate towards the UI, I'm tired of round, overly designed, unnecessarily animated software. This is beautiful as it is functional, with a vintage 90's feel. I love the look of it. It was also easy to use, I don't consider myself too techy but one youtube tutorial was enough to get a simple run-down of the functions, just like any new software I choose to use. I'm switching from Dashlane.
user avatar
Jack Mindy
Yes, yes and again yes!
It looks like standard software, it works like standard software, it has a clean and straightforward interface.

Is this another case of 'uhhh, can only handle iPhone'?

Liek the others, been using it,...Show More
Greg
Greg
United States
10.0
Easy to use
Windows User
Have used Keepass for over 8 years and it works great.
Hugh
Hugh
United Kingdom
10.0
Piece of piss
iOS User
Who cares what it looks like as long as it does the job. Keepass does it so it's a win. I'll never go back to Lastpass and I'd used that for nigh on ten years. All the others might look pretty but as I said what's the point when you get the same functionality with Keepass
Leave a Review
0.0/ 10.0
Please enter your email address to submit your review