Hardware

Review: KeePassX 0.4.1 password manager

KeePassX is perfect for those looking for a secure and portable solution for storing their personal information with cross-platform support.

You can store personal information like identification numbers, passwords, and files simply and securely with KeePassX, which is the cross-platform version of KeePass.

Specifications

  • Developer: KeePassX Team
  • File size: 6.6MB
  • Prerequisites: None
  • Linux requirements:
    • Build dependencies: Qt library 4.3 or higher (required modules: QtCore, QtGui, QtXml), libXtst
    • Application bundle: X11 with XRandR, Xinerama and XTest extensions and GLibC 2.4
  • Operating system: Windows 2000, Windows XP, Windows Vista, Windows 7, Mac OS X 10.4 and 10.5, Ubuntu, openSUSE 11.0 and 11.1, Fedora 10 and 11
  • Price: Free
  • More Info: KeePassX Home Page
  • Download: KeePassX Download
  • TechRepublic Photo Gallery

Who's it for?

KeePassX is perfect for those looking for a secure and portable solution for storing their personal information with cross-platform support.

What problem does it solve?

One single master password and/or key file means that you only have to remember one password and/or have access to one file for all logins. Securely stores your personal information encrypted instead of 'in the clear'. Simple to use password generator allows you to generate high quality passwords. Use KeePassX to securely take your data with you on a flash drive.

Standout features

  • Simple GUI: The screens are simple and easy to use. The left pane uses a tree structure to display groups, subgroups and entries. Two panes on the right show detail information.
  • Master password and/or key file: Use and remember only one password to have access to all of your ID/Passwords. Alternatively, you can use a single key file or you can use both a password and a key file.
  • Run from removable media: Can be run directly from a flash drive. No installation required, which is very convenient if you need to have your personal information available and secured on-the-go.
  • Securely store attachments: You can add any file as an attachment to the KeePassX database. This is a very handy way to carry your confidential business presentations and personal documents with you on a flash drive when you travel and still have them protected from prying eyes.
  • Supports and stores the following information:
    • Title
    • Username
    • Password
    • URL
    • Comments
    • Expires
    • Creation
    • Last Change
    • Last Access
    • Attachment
  • Searchable: One or more of the following items are searchable:
    • Titles
    • Usernames
    • Passwords
    • Comments
    • URLs
  • Secure: Uses 256 bit key encryption.
  • Cross-platform support: Run from Windows, Mac OS X or Linux
  • Usernames and passwords hidden: IDs and passwords are hidden or masked by default but can also be viewed unmasked.
  • Expiration date: Entries can be allowed to expire based on a user supplied expiration date.
  • Password generator: A simple to use but highly configurable password generator can create passwords up to 9,999 characters in length for the extremely paranoid.
  • Lockable: The main screen can be locked if you need to leave the computer but want KeePassX to be easily accessible.
  • Bookmark manager: Allows you to create a list of database files for quick access, or so it appears. I was unable to find any documentation on the Bookmark feature.
  • Entries backed up: Original versions of modified entries are, by default, kept in a group called Backup.
  • Configurable: There are a number of options for how KeePassX looks and works. Please view the TechRepublic Photo Gallery for details.
  • Support for multiple languages: 15 different languages are supported.
  • Freeware: Free for both personal and business use. KeePassX is distributed under the terms of the GNU General Public License (GPL) version 2.

What's wrong?

  • Database corruption: KeePassX uses a database that can become corrupted. I have never experienced a corrupted database but it is a good idea to keep backup copies of the database stored in a safe place. KeePassX has no database repair feature if your database becomes corrupted.
  • Auto-Type feature only works in Linux: You must manually copy and paste the username and password in Windows and Mac OS X. If auto-type is a necessity, consider KeePass instead.
  • One attachment per entry: You can only associate one attachment per entry. As a workaround, add the files you want to associate to a zip file and attach the zip file to the entry.
  • Attachments cannot be viewed or edited: Attachments can be stored in the database but not viewed or edited.
  • Path not remembered: When adding attachments, the default path is always the current user's folder, i.e. C:\Users\UserName.
  • Key file path and name remembered by default: When starting KeePassX and using a key file the path and file name for the key file selected previously may be shown in the Key File: text box on the Enter Master Key login screen. This lets others know the key file name and where it was saved: not secure at all if the key file was saved to the computer's hard drive.
  • Mouseover fails: Mouseover info does not work on some secondary screens i.e. the New Entry and Manage Bookmarks screen.
  • Help file: There is no detailed help available from the application but a Quick-Start Guide is included.
  • Poor online support: Other than an online forum there is no detailed online support available.

Competitive products

There are a lot of good password managers out there but they are not all implemented the same way. For example, there are Web sites that will store your personal information online. Even if encrypted, you may not want a third party to have access to your confidential information or you may not want to rely on a third party for getting access to your confidential information.

Note: The following applications may not have the same functionality, i.e. cross-platform support, as KeePassX.

Free

Commercial: fee based

Bottom line for business

KeePassX is a simple and convenient one stop solution for securing personal information. The ability to store files makes it much more than just a password manager. The cross-platform support makes KeePassX a standout from other password managers.

User rating

Have you encountered or used KeePassX? If so, what do you think? Rate your experience and compare the results to what other TechRepublic members think. Give your own personal review in the TechRepublic Community Forums or let us know if you think we left anything out in our review.

Read our field-tested reviews of hardware and software in TechRepublic's Product Spotlight newsletter, delivered each Thursday. We explain who would use the product and describe what problem the product is designed to solve. Automatically sign up today!

Author's Note:

I want to thank TechRepublic member tomas.sobek@... for his suggestion of KeePassX as a good password manager. I do in fact occasionally follow advice from TechRepublic members.

Next Page (Photo Gallery) >>

About

Alan Norton began using PCs in 1981, when they were called microcomputers. He has worked at companies like Hughes Aircraft and CSC, where he developed client/server-based applications. Alan is currently semi-retired and starting a new career as a wri...

18 comments
passter
passter

I think that there are better solutions for password management. I like my passwords under my responsibility, this why i start using Passter www.passter.com

Neon Samurai
Neon Samurai

Unless they broke autotype in the latest version, it works perfectly. I actually prefer it on Windows because I can configure what is typed (eg. uname, password but no trailing [Enter] key). When using it on *nix systems, I have to be sure that the uname and password fields are going to populate correctly because Enter is coded on the end where Windows gives me a chance to confirm that the correct fields where populated since I disable the trailing Enter. I'm using the Portableapps Keepass for Windows though so maybe they broke autotype in the most recent version. (edit) wait.. found your problem. Your looking at version 0.4.1 where version 1.17 is more current. http://keepass.info/ KeePass 2.10 released 2010-03-05 09:34. Read More ? KeePass 1.17 released 2009-12-05 09:53. Read More ? Try the current version

Alan Norton
Alan Norton

If you have used KeePassX do you like it? As always, I will be popping in from time to time to answer any questions you might have and to participate in the discussion when I have something to add.

Mark W. Kaelin
Mark W. Kaelin

If you are like me, you have a lot of password requests every day. Do you use a password manager? What works well and what does not?

psquare11
psquare11

I too use and like 1Password, but I believe the focus of this article is on cross-platform password managers. 1PW is great for Macs, but I'm not sure whether or not it has cross-platform capability. Anybody know?

Alan Norton
Alan Norton

You are right. I have downloaded and tested KeePass 1.17 because the database is compatible with KeePassX 0.4.1 and the auto-type feature works. The KeePassX 0.4.1 auto-type feature does not work in Mac OS X or Windows.

wwgorman
wwgorman

As the title of my reply states it didn't work for me. Perhaps I'll try the download but the comment about corrupting the database which can easily happen on USB "sticks" is a problem. Think I'll just stay where I am by listing my passwords in my organizer which i backup regularly.

Neon Samurai
Neon Samurai

I started with Password Safe but was forced to find an alternative when the version for my PDA did not support the newer database format used by the version for Windows and Linux based systems. Keepass provided a database format read across all it's versions regardless of platform. Debian, Mandriva, Windows, Portable App, osX, Maemo; all read the same database with little difference between GUI front ends.

mikin
mikin

I use Sticky Password manager for years. I have tried Roboform and also Lastpass. Lastpass is great, but online and I don't trust cloud computing. Roboform was in toolbar and I hate toolbars, so I stood with Sticky Password.

Grimshiire
Grimshiire

Oubliette is a more than sufficient for password management. Easy to use, proprietary file type and you can't beat the price. Free. The problem with most psw mgrs is that they try to do to much.

Neon Samurai
Neon Samurai

KeepassX autotype function has worked consistently under Mandriva and Debian. I can confirm against osX later when I'm home but I didn't think that it was in such an early version number still. (edit): I see what tripped me up. Your image at the top of the article shows a widows session and I'm used to differentiating Keepass (windows) and KeepassX (unix). I'm not sure why someone would choose KeepassX over Keepass for a Windows platform. I can't disagree with porting the same code and name across platforms instead of having two different GUI front ends though.

Neon Samurai
Neon Samurai

Keepass can use some pretty solid encryption for your password data file. I personally have my portable Keepass on usb. I then have the data file duplicated to my *nix machine with locally installed keepassX and in my NAS backups. I've not managed to see it get corrupted yet though and I use it pretty heavily on my Flashdrive, an Ironkey and various hard drives. Offhand, do you unmount your flashdrive before removing it? (Windows; safely remove option from the task bar.) Flashdrives are still known for taking damage when yanked out of a machine without unmounting.

Neon Samurai
Neon Samurai

Unless KeepassX is now being ported directly to windows, the standard has been Keepass developed for Windows (install and portable forms) and KeepassX for unix like platforms. They are both platform specific front ends for the same database so your password data is fully cross-platform including into mobile phones and PDAs. Other than display widgets, the only noticable difference between Keepass (win) and KeepassX (Lin) has been my easier ability to configure the macro that inputs username and password; removing [Enter] press from the end of it. There is probably a way to do with with KeepassX but with Keepass it's simply an easy change in the options. The contrasting comparison for me is Password Safe which provided GUI across multiple platforms but the version for my PDA did not support the newer data format used on my desktops. I thank Password Safe for this issue though as it's what drove me to discover Keepass.

Alan Norton
Alan Norton

"I'm not sure why someone would choose KeepassX over Keepass for a Windows platform." Neither do I unless they need the cross-platform capability. I wasn't aware of KeePass until doing the research for this Product Spotlight. I don't need cross-platform support so I am switching to KeePass. They are both very good password managers.

Editor's Picks