KeePass Review

Rating:5stars5/5 Stars – Best Free Password Manager

Password managers are a handy tool, and if you find yourself with a ton of passwords that you struggle to remember you likely find password managers invaluable. While you could choose to store them in your web browser, that isn’t a good option for two reasons. First of all, anyone could login to your favorite websites, services, and applications if you left your computer unattended. Secondly, many of these passwords are stored in cookies and there have been numerous viruses and XSS (Cross-Site Scripting) attacks that target this information specifically.

If you’re looking for a free tool to help you securely manage your passwords to combat web vulnerabilities and data theft, you should know about KeePass – which is an open source password manager. The interface doesn’t look as sexy as some of the paid services which could make it harder for non-technical people to use, but it does offer one great security advantage. YOU get to manage all of the settings on your encryption keys, and because they are created and stored on your very own computer you don’t have to worry about trusting a third party service. What’s even better is that you don’t have to worry about things outside of your control such as a hacker attacking your service provider and running off with all of your user account data and encryption keys.


Though they offer a Windows version of their program, KeePass does a good job of supporting other operating systems with a program they dubbed “KeePassX,” and it will help you securely maintain your passwords on Apple OSX devices as well as Linux distributions. If you use iOS or Android, they also provide iKeePass and KeePass2Android.

And while some of the more advanced features come included in paid services, KeePass allows extra functionality through add-on code modules and plugins. They will give you the power to customize exactly how your software operates and allow you to tweak the settings for greater security. Though you have many handy plugins at your disposal, the only one that could really be called a necessity is the plugin for web browsers, meaning most people won’t need to install a ton of plugins just to get the same service quality as a competing paid solution.

Most people would balk at the idea of using a free program that lives on your host computer because similar cloud services almost always allow you to sync your password library to other devices. However, you can essentially obtain this feature by “doing it yourself.” Because the password files (.kdbx) are encrypted, you could easily backup and store this file on a cloud drive such as Dropbox or another similar service. If you configure this service to backup and sync the password file correctly, you won’t have any problems porting your encrypted passwords to other devices. Though this may be a little bit of a hassle because it isn’t as automatic as a paid service, it’s a fair time investment to make for two reasons. Firstly, it won’t cost you a dime to do this if you already use cloud storage. Secondly, even if your cloud storage provider gets hacked and someone steals your password file, it’s encrypted and there’s no way for the attacker to break into the file and steal your passwords.


Their pricing model is the simplest to understand, and for that reason this section will be very brief. KeePass is 100% free to use – plain and simple. There are no terms or conditions that specify a set time period for free use – meaning you can use it for free indefinitely. This is pretty common of open source software.


Even though it is a free service, the quality of security service is up to speed with the latest security algorithms to give paid services a run for their money. To add to their security benefits, the program is open source so there isn’t a chance that there could be hidden backdoors or data monitoring code lurking within the program.

Also, you need to understand how the program protects your password database. It uses a feature called a master password that is the only way to access passwords contained in the encrypted password file. If you don’t have this master password, there’s no way to steal, mine, or decipher the passwords contained in the program.

But the master password is both a blessing and a curse. Because it serves as the single point of access to all of your other passwords, you really should use a strong password. But if you forget your password because it was too complex or you just didn’t use your password database in a while, you’re hosed. There is no password recovery option and you would have to recover all of your passwords individually and build a new database from scratch.

While you do have the option to change the settings to your liking, by default this software will use AES-256 encryption with the SHA-256 password hashing algorithm which both provide extremely strong security.

Using KeePass

The first thing you are going to need to do is download the software. Don’t let the naming conventions scare you away, either. Though they name their newest release the ‘professional’ edition, it is still free to use. If you want, there is even a version that you can copy to a flash drive for portability. During the installation process, you can leave everything option to their default values. If you wish, create a quick launch and desktop icon as well. After you launch it for the first time, it will ask you if you want the program to automatically search for updates, too.

After you have downloaded and installed the application, the first thing you need to do is create a new password database.

You can save the database anywhere you want to, but remember that if you put it in a cloud storage folder you will be able to sync your password across many devices. To start off, click File and New to create a new database. Select where you want to store the database and then create a master password. Keypass2

I cannot stress this point enough: make sure you can remember your master password!

The program will then allow you to set a default username for new entries in the database as well as give the database a name. It will also let you change the security settings, but I prefer to keep these at their default values. Then all you have to do is click “OK” and you will have a brand spanking new password database.

To add a new entry to the database, you can right click and choose to create a new entry or use the ctrl + i hotkey. The software will even generate a random and incredibly strong password for you. If you want you can change the password, but I would leave it set to the automatically generated password for stronger security. Also, you can generate new passwords if you wish.Keypass4

Lastly, KeePass can even import passwords from other sources. For example, if you have a lot of passwords cached in your web browser you can use the Firefox password manager to send all of your stored password straight into the database.


Keepass is hands down the best free solution for managing and improving the security of your passwords all while providing the same features as paid or partially free alternatives. Nowadays, too many web users share the same passwords for multiple accounts, putting them at risk of unwanted breaches. Keepass allows the user to quickly create and set different and highly secure codes for all their accounts, effectively improving a fundamental layer of security that is often neglected.

Leave a Reply

Your email address will not be published. Required fields are marked *