KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can store all your passwords in one database, which is locked with a master key. So you only have to remember one single master key to unlock the whole database. Database files are encrypted using the best and most secure encryption algorithms currently known (AES-256, ChaCha20 and Twofish).

KeePass is portable: it can be carried on an USB stick and runs on Windows systems without being installed.

Is KeePass trustworthy?

Yes, KeePass is a well known and safe application to use. This free password manager allows you to encrypt your password and other sensitive data with AES-256, ChaCha20, and Twofish encryption methods. For better privacy, you can lock your vault with multiple user keys and being open source, it can be audited by the public and verified that the encryption algorithms are implemented correctly.

Does KeePass save the database in the cloud?

No. KeePass stores all your passwords in one database, which is locked with a master key and stored locally in your system. The database consists of only one encrypted file, so it can be transferred easily from one computer to another or, with the portable version of KeePass, it can be carried on USB sticks and run on any computer without any installation.

What's the difference between KeePassXC and KeePass?

KeePassXC is a fork from the original KeePass project and both are open-source applications. A key difference is that KeePassXC is written in C++, while KeePass is written in C#. This translates to KeePassXC running natively in more platforms, while KeePass requires .NET on Windows and the Mono runtime libraries to run on other platforms.

Is KeePass really free?

Yes, KeePass is free and open-source. Open-source prevents backdoors. You can have a look at its source code and compile it yourself.

Which are the best KeePass alternatives?

Bitwarden is another free and open-source password manager like KeePass. If you are willing to pay for a password manager, LastPass is pretty good, but you might as well choose 1Password or Dashlane.

What's New

New Features

  • Added option 'Prevent certain screen captures' (in 'Tools' → 'Options' → tab 'Security', turned off by default); note that this may also prevent legitimate other software (remote desktop solutions, accessibility tools such as screen magnifiers, etc.) from seeing KeePass windows.
  • Added the new option 'Prevent certain screen captures' in the 'Enforce Options (All Users)' dialog (in 'Tools' → 'Advanced Tools' → 'Enforce Options').
  • Key files can be created on the secure desktop now.
  • Added shortcut keys for the 'Copy Group (Encrypted)' (Ctrl+Shift+C) and 'Paste Group' (Ctrl+Shift+V) commands.
  • Ctrl+Shift+V can now be used for pasting entries while the group tree has the input focus and vice versa.
  • Added 'More' button in the icon picker dialog, which shows a menu that provides two commands: 'Rename' and 'Export'; the menu is also shown as context menu of the custom icons list.
  • When importing an icon, the file name without extension is now used as icon name.
  • Added option 'Remember password hiding setting' in the main window column configuration dialog (turned off by default).
  • Added support for long paths when running on .NET 4.6.2 or higher.
  • Some error messages now contain the type and the HResult of the exception that occured.
  • Some error messages are now more detailed when running KeePass with the '-debug' command line option.
  • Bitwarden JSON import: two-digit years are now converted to four-digit years.
  • Added UIFlags bit for automatically adjusting weak key transformation settings to the current default values (without a confirmation dialog).
  • Added DPI detection on Unix-like systems.
  • For applications using KeePass as a library: added a new common initialization method ('CommonInitialize') that allows a custom error handling/reporting.

Improvements

  • Databases are now always saved in the KDBX 4/4.1 file format; if you need a KDBX 3.1 file (e.g. for compatibility with an old app), perform an export: main menu 'File' → 'Export' → format 'KeePass KDBX (2.34, Old Format)'.
  • Auto-Type: improved compatibility with Remote Desktop Client (WSL).
  • In an auto-type error dialog, the sequence is now only displayed if KeePass has been started with the '-debug' command line option.
  • Increased maximum length of the main window title.
  • Improved handling of shortcut keys in the main window.
  • Improved entry data exchange menu update performance.
  • After moving a group, KeePass now ensures that the group is visible.
  • Improved database save confirmation dialog text.
  • When showing the master key creation/change dialog on the secure desktop, trying to perform an operation that is not supported on the secure desktop now results in a simple error message, i.e. it is not possible anymore to choose to cancel the dialog and perform the operation on the normal desktop; this avoids certain accidental data loss scenarios.
  • Various improvements in the simple file browser dialog (for the secure desktop).
  • While a hot key control of the options dialog is focused, dialog-specific keyboard shortcuts are now disabled.
  • Changed the 'MAC Address' password generator profile such that it always generates a unicast, locally administered MAC address in the SLAP administratively assigned quadrant.
  • In the icon picker dialog: moved the 'Export' command into the 'More'/context menu of the custom icons list.
  • When running on .NET 4.7 or higher, KeePass now supports all TLS/SSL protocol versions that are supported/enabled by the framework/system.
  • Improved error messages for exception chains.
  • Improved serialization, deserialization and conversion of nullable booleans.
  • Improved deserialization of variant dictionaries.
  • Improved application context initialization.
  • Improved termination of the program in case of a fatal exception.
  • Various UI text improvements.
  • Various code optimizations.
  • Minor other improvements.