I've been using KeePassXC ever since switching from OSX to Debian Linux. On OSX, I used 1Password and have been an advocate for years. However, after being forced to upgrade (and pay again) multiple times due to API changes, and the integration stopped working with various browsers, I wasn't a happy customer anymore. KeePassXC works just as well, if not better. I'm using it on Debian, with browser extensions and on iOS (and sometimes even on my old MacBook Pro on OSX). Being FOSS, I'm not afraid anymore that stuff will stop working at some point, because some proprietary API is deprecated.
I've been using the original KeePass for a long time. I'm an architect, not a coder/software developer. So my question is a bit naive on this forum, but why is KeePass 10mb installed and KeePassXC 108mb if they do the same thing? I like that KeePass has plugins that I can tailor to my needs. Does KeePassXC make the same security software changes as KeePass? I forgot one more question: can I use KeePass2Android if I switch?
If you like KeePassXC you should consider donating. I donate $5 a month because it's worth paying for good software. https://keepassxc.org/donate/
I am assuming there are ways to turn off health checks to “Have I Been Pwned”. I never want my local password manager to do outcalls for any reason...
Another option you should consider: https://www.passwordstore.org/ It's just a bash script that uses gpg and git. I find it the most KISS solution. Not available on phones but I don't trust my phone with my secrets anyway.
How trusted are the iOS/Android apps compared to the "mainstream" desktop clients like KeePassXC? I'm a bit wary of downloading a "random client" from the App Store. Are those audited/trusted as much?
Word of warning: Don't use KeePassXC when your co-workers use KeePass2 using a network drive. KeePassXC doesn't support KP2's sync protocol. You'll clobber other people's changes when you save using XC. It took us a few weeks before we noticed that many passwords were missing.
Also a user. Works well in general, although I continue to be sad to see the arrogance in the arguments in an issue that is a valid and necessary use case for many people using online banking.
https://github.com/keepassxreboot/keepassxc/issues/725
I'm excited to try this out. Just to mention two interesting projects: On MacOS I use: https://macpassapp.org/ (Open Source). I always wanted to try: https://www.passbolt.com/ (Self-hostable)
While we're on the subject of password managers ... I'm still looking for one with decent multi-user & group support, with audit trails, which is self-hosted. Bitwarden sounded promising, but I'm put off by their MS-based stack and their pricing model. Any other recommendations would be greatly appreciated.
Years ago I used KeePassX. It became stale, ugly, and didn't have a good Android app. KeePassX then moved to .NET, and didn't work well on Linux, so I looked around. I settled on Enpass as it was a paid app without a subscription, and with your choice of sync/backup. Enpass has excellent desktop/mobile apps with sync using your choice of cloud service. I'm very happy with it.
Why do people insist on putting everything, even passwords, in folders? I find categorizing files, let alone passwords, into a strict taxonomy a particularly hard job of questionable usefulness. It would be much handier if we could just tag the records with a number of tags + add a description and/or comment rather than put it in a folder. I always use search rather than manual folder tree navigation anyway.
How does KeePassXC compare to other password managers (passwordstore with gpg-agent/gnome keyring, 1Password, Bitwarden, etc.) in terms of protecting secrets when the vault is unlocked? For example, part of the data may be held unencrypted in RAM that could be read by the OS or other programs. Any use of TPM?
Wait, so there's Keepass, KeepassX and KeepassXC? I understand the X is cross-platform (initially was linux-only) whereas presumably Keepass is win-only; but what's the "community fork" for? Why not improve KeepassX? And why don't KeepassX and Keepass merge now?
I used to use KeePass and KeePassXC for years at a time, but the amount of time I have saved not having to mess with syncing issues more than makes up for the ~$30 a year for 1Password that always works across Windows, Linux, iOS and Mac.