TL;DR: With so many places requiring usernames and passwords — bank accounts, email, social media, online shopping — we know it’s important to make passwords diverse and hard to crack. At the same time, however, a complex password is easy to forget. KeePass helps keep accounts secure through a free and open-source password manager, earning our Developers’ Choice Award™. Lead Developer Dominik Reichl told us about the specific benefits of his lightweight password manager and how the platform continues to enhance its features to be more secure, productive and portable.
As the frequency and severity of data breaches and compromised accounts continue to rise, roughly 40% of people have had to deal with hacked accounts, stolen passwords, or compromised personal information.
The solution, of course, is to create passwords that are more difficult to hack. Ideally, that means creating different passwords for each account — but the more credentials you have to use, the more difficult they are to remember. The average person needs to deal with 27 password-protected accounts, and 37% of those surveyed say they forget a password at least once per week.
Password managers are an effective way to work around this problem. Dominik Reichl first created KeePass, a free and open-source password manager, to fill some of the gaps he saw in existing software.
“Back in 2003, there wasn’t any password manager that I liked,” he said. “Some of them weren’t open source, which in my opinion is necessary for such a security-critical software. Some of them didn’t have all the features that I wanted. Some used integration approaches that I didn’t like. So, I started developing KeePass.”
With multiuser capabilities and wide-ranging support for browsers and operating systems, KeePass is business-savvy and family-friendly software worthy of our Developers’ Choice Award™. Maintaining secure and unbreakable passwords becomes much less painful when KeePass does the thinking for you.
How Password Managers Keep Data on Lockdown
The recommendations for a strong password — for example, using a mix of uppercase letters, lowercase letters, numbers, and symbols — make them harder to guess. The most secure passwords, however, can be excruciating to remember. What’s more, manually inputting passwords still leaves you vulnerable to phishing scams, malware, and man-in-the-middle attacks.
So, how does a password manager like KeePass derail the efforts of hackers and protect users? Login credentials kept in KeePass are protected under many layers of encryption. Even if someone successfully compromised KeePass infrastructure, the attackers still wouldn’t be able to access the protected data.
In addition to encrypting databases with the AES-256 and Twofish algorithms, KeePass offers two-factor authentication as an added layer of security.
KeePass is available for Windows, macOS and Linux systems in two versions: 1.x and 2.x. The original version of KeePass is still available for developers and people who don’t need the latest bells and whistles. Version 2.x makes way for more features, including an internal file viewer and editor, optimization for better accessibility, and the ability to import passwords from more than 35 file formats.
“Over the years, as KeePass became more and more popular, it turned out that the architecture of KeePass 1.x wasn’t flexible enough to reasonably implement many of the features that users wished,” Dominik said. “KeePass 2.x is a complete rewrite, with a much better architecture and improved security, integrations, portability, and productivity.”
Why Open-Source Software Makes for the Best Data Security
Many people are naturally drawn to KeePass simply because it’s free, but that’s not the only reason to choose it as your go-to password manager. The program’s open-source nature offers many advantages over closed, proprietary systems.
“For a security-critical software like a password manager, in my opinion, open-source development is a requirement,” Dominik said.
With open-source security tools, anyone can look at the source code to ensure that it’s working properly. This crowdsourced protection process creates an additional security buffer — users can find errors or gaps in the code and quickly address the problem.
“Everyone should be able to check whether encryption has been implemented properly, how sensitive information is handled, and so on,” Dominik said.
In addition to the added protection and peace of mind, open-source software allows for community-contributed extensions and plugins that can greatly improve how KeePass users work within the system. Independent developers can build and release new features, such as those that support automation and integration with other programs.
The current list of plugins and extensions includes dozens of options for highly specific functions, each available for easy download and listed with compatibility and author information.
Features That Make Password Storage More User-Friendly
With a simple user interface, Dominik built KeePass to be straightforward and easy to use. Features that streamline password creation and use allow users to seamlessly interact with KeePass to log in anywhere and manage their password vault.
For starters, KeePass is portable and can be used online or offline. The password generator creates a hard-to-crack code for any of your accounts, and the program’s synchronization function enables users to merge different copies of a password database file without compromising them.
While KeePass runs in the background, it will autofill passwords when you need to log in somewhere. Passwords in the KeePass vault can be organized into groups to simplify account credential management. Dividing groups into subgroups allows for even more granularity.
Moving Toward Improved File Synchronization and Automated Processes
The number of online passwords the average person needs these days continues to grow as people rely more on web-based information systems to conduct much of their personal lives. KeePass provides a comprehensive and intuitive remedy for keeping accounts secure and creating hacker-proof passwords without having to remember them all.
According to Dominik, the next KeePass release will introduce several frontend and backend features, such as the use of Transactional NTFS (TxF) for writing databases and configuration files in Windows. Version 2.39, released in May 2018, will have new commands that make it easier to find specific entries and account details. Automated saving will also be enhanced.
“This improves the compatibility with other programs that are watching these files, like file synchronization services,” Dominik said.