Today you need to remember many passwords. You need a password for the Windows network logon, your e-mail account, your website’s FTP password, online passwords (like website member account), etc. etc. etc. The list is endless. Also, you should use different passwords for each account. Because if you use only one password everywhere and someone gets this password you have a problem… A serious problem. The thief would have access to your e-mail account, website, etc. Unimaginable.
KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish). For more information, see the features page.
Is it really free?
Yes, KeePass is really free, and more than that: it is open source (OSI certified). You can have a look at its full source and check whether the encryption algorithms are implemented correctly.
- KeePass supports the Advanced Encryption Standard (AES, Rijndael) and the Twofish algorithm to encrypt its password databases. Both of these ciphers are regarded as being very secure. AES e.g. became effective as a U.S. Federal government standard and is approved by the National Security Agency (NSA) for top secret information.
- The complete database is encrypted, not only the password fields. So, your user names, notes, etc. are encrypted, too.
- SHA-256 is used as password hash. SHA-256 is a 256-bit cryptographically secure one-way hash function. Your master password is hashed using this algorithm and its output is used as key for the encryption algorithms.
- In contrast to many other hashing algorithms, no attacks are known yet against SHA-256.
- Protection against dictionary and guessing attacks: by transforming the final master key very often, dictionary and guessing attacks can be made harder.
- In-Memory Passwords Protection: Your passwords are encrypted while KeePass is running, so even when the operating system caches the KeePass process to disk, this wouldn’t reveal your passwords anyway.
- [2.x] Protected In-Memory Streams: When loading the inner XML format, passwords are encrypted using a session key.
- Security-Enhanced Password Edit Controls: KeePass is the first password manager that features security-enhanced password edit controls. None of the available password edit control spies work against these controls. The passwords entered in those controls aren’t even visible in the process memory of KeePass.
- The master key dialog can be shown on a secure desktop, on which almost no keylogger works. Auto-Type can be protected against keyloggers, too.
- Also see the security information page.
Multiple User Keys
- One master password decrypts the complete database.
- Alternatively you can use key files. Key files provide better security than master passwords in most cases. You only have to carry the key file with you, for example on a floppy disk, USB stick, or you can burn it onto a CD. Of course, you shouldn’t lose this disk then.
- For even more security you can combine the above two methods: the database then requires the key file and the password in order to be unlocked. Even if you lose your key file, the database would remain secure.
- [2.x] Additionally, you can lock the database to the current Windows user account. The database can then only be opened by the same person who created it.
- Also see keys information page.
Portable and No Installation Required, Accessibility
- KeePass is portable: it can be carried on an USB stick and runs on Windows systems without being installed.
- Installer packages are available, too, for the ones who like to have shortcuts in their Windows start menu and on the desktop.
- KeePass doesn’t store anything on your system. The program doesn’t create any new registry keys and it doesn’t create any initialization files (INI) in your Windows directory. Deleting the KeePass directory (in case you downloaded the binary ZIP package) or using the uninstaller (in case you downloaded the installer package) leaves no trace of KeePass on your system.
- [1.x] KeePass requires GDI+ (which can be downloaded for free at Microsoft’s website). Windows XP and higher already include GDI+; for Windows 2000 you need to install it, if it’s not installed already. No .NET framework is required.
- [2.x] KeePass requires the Microsoft .NET Framework (which can be downloaded for free at Microsoft’s website) or Mono. Windows Vista and higher already include the .NET framework; for Windows 98 / ME / 2000 / XP you need to install it, if it’s not installed already. With Mono, KeePass also runs on Linux, Mac OS X, BSD, etc.
- Ports for other systems like Linux, Mac OS X, PocketPC, Smartphone, etc. are available! See the downloads page.
- [2.x] Accessibility: KeePass 2.x features an advanced option that explicitly optimizes the user interface for screen readers.
Strong Random Password Generator
- KeePass can generate strong random passwords for you.
- You can define the possible output characters of the generator (number of characters and type).
- Random seeding through user input: mouse movement and random keyboard input.
Get KeePass – Best Free Password Safe here