KeePassXC Review

KeePassXC is an open-source, offline password manager, that is also free. Undoubtedly, these are great features, but what about everything else?

Is it safe enough? How many platforms are supported? How about customer support?

Continue reading this KeePassXC review to find out all there is to know about this password manager.

Overview

• Encryption: Military-grade AES-256
• Two-factor authentication: YubiKey
• Platforms: Windows, Linux, macOS
• Browser extensions: Chrome, Chromium, Vivaldi, Firefox
• Free version: Yes
• Price: Free password manager

Is KeePassXC secure?

Many see phrases such as “open-source”, “not cloud-based”,  and “community-developed” as the synonyms of online security. Is it also the case with the KeePassXC password manager?

Encryption

KeePassXC uses military-grade AES 256 encryption. If you’re not completely new to the cybersecurity field, you would surely know it is considered to be one of the most secure ones on the market.

With it, your password security is increased, and you can feel assured that the likelihood of getting them hacked is lowered to the bare minimum.

Not a cloud-based password manager

One of the main reasons behind the appeal of KeePassXC is that it’s an offline password manager. This means that your data is not stored in an online cloud, which makes it harder for hackers to get into your database.

2FA and YubiKey

KeePassXC’s two-factor authentication (2FA) is a little complicated.

Let’s start by saying that this password manager supports YubiKey to secure your database. However, technically YubiKey is not considered 2FA.

That’s how the team behind the product explains whether KeePassXC supports YubiKey:

Yes and no. KeePassXC supports YubiKeys for securing a database, but strictly speaking, it’s not two-factor authentication. KeePassXC generates a challenge and uses the YubiKey’s response to this challenge to enhance the encryption key of your database. So in a sense, it makes your password stronger, but technically it doesn’t qualify as a separate second factor, since the expected response doesn’t change every time you try to decrypt your database. It does, however, change every time you save your database.

Reputation

In terms of scandals, KeePassXC’s reputation has been clean. Customers find this product reliable because it is an offline password manager, as well as open-source and community-developed. Its users’ participation in the development process is a reassuring sign of security.

User contribution

As KeePassXC is a community-created password manager, its users’ participation is continuously encouraged.

You can do the following things to participate in the development of the product:

• Report bugs
• Propose new features
• Write code
• Translate
• Donate

What is the difference between KeePass, KeePassX and KeePassXC?

Some might get confused by seeing three very similar names in the password manager world. There’s no mystery – all of them are related.

KeePass is the first one out of three – the original password manager. KeePassX was created as a cross-platform app to manage KeePass databases.

And the last one – KeePassXC – is the most advanced and improved version of the three password managers. It is continuously updated and tweaked to ensure the best user experience.

Apps and ease of use

While KeePassXC supports some of the commonly used platforms, it could do way better. Continue reading to learn more.

Desktop apps

KeePassXC is available on Windows, Linux, and macOS. You can download your preferred app on KeePassXC’s website:

The apps are very straightforward, and simple with not much to marvel at – if you want a stylish interface, this is not the app for you. However, KeePassXC does its job well and all the necessary features are there for you to explore.

I’d say this is a great product for those who are just starting with password managers. You won’t get distracted by a myriad of fancy features and will get everything you would expect from this type of product.

Browser extensions

KeePassXC works on Chrome, Chromium, Vivaldi, and Firefox.

To enable your chosen extension, you would have to go to the app Settings or alternatively go to your browser and search for KeePassXC.

For this review, I’m using Chrome. All you have to do is to click on Add to Chrome:

It’s excellent that the product has extensions not only for the widely used browsers but also for the open-source Chromium browser, as well.

However, I’m missing a Safari extension. Hopefully, with many people contributing to this open-source product, it’s only a matter of time before it’s created.

Mobile

This may come as a surprise, but KeePassXC doesn’t have apps for Android or iOS.

However, on their website, the team behind the password manager recommend using the following two open-source apps that have the same functionality:

1. KeePass2Android for Android
2. Strongbox for iOS

Both of them are open-source and highly praised by the creators of KeePassXC.

As KeePassXC’s team explains, creating dedicated apps would require a full rewrite of the code. According to them, there are many high-quality mobile apps on the market, and creating new ones is pointless.

I personally don’t find this argument convincing, as having both desktop and mobile apps of the same product would be more practical, comfortable, and simply less complicated.

How does KeePassXC work?

Using KeePassXC is generally not complicated, however, there are some things to keep in mind, and I’ll discuss them shortly.

Installing and setting up KeePassXC

Installing KeePassXC is quite self-explanatory.

First of all, download the app suitable for your device. You’ll find the apps on the KeePassXC’s website in the Download section:

After that, follow the steps your app asks you to complete.

Once you do that, KeePassXC will welcome you with this window:

Now you can Create a new database, Open an existing database, Import from KeePass1, Import from CSV.

How to create a database

Creating a database on KeePassXC is easy. You have to complete the following steps:

1. Click Database on the top left corner of your app
2. Click New Database
3. Name your Database
4. Click Continue
5. You’ll have the option to change the encryption settings. I highly recommend leaving them as they are – the app has already set your security to max
6. Click Continue
7. Create your Master Password and confirm it
8. Click Done

Import and export with KeePassXC

If you want to, you can import your passwords right after you install the app. However, if you need some time to explore, no worries – you can do that anytime you want to.

Whenever you’re ready, import your passwords from other password managers by using a CSV file that was created when exporting your passwords from another product.

Say you are now using LastPass as your password manager. To export your data, here are the steps you have to take:

1. Click More options on your app
2. Click Advanced
3. Click Export
4. Click LastPass CSV file

There you have it – now you can use this file to import your passwords to KeePassXC.

To import, complete these steps:

1. Click on Database
2. Click Import
3. Click Import CSV file
4. Choose your recently exported CVS file

That’s all there is – your passwords are now imported to your database.

Auto-Type

The Auto-Type feature is available on all three supported platforms – Windows, Linux, and macOS. With this feature, you no longer need to type your data over and over again. KeePassXC will remember and suggest it to you when needed.

You will find an Auto-Type button in your app’s Tools section. There you can enable it so that it would help you save time in the future.

If you’re a macOS user, listen up! To enable this feature, you’ll have to complete the following steps:

1. Go to Mac Settings
2. Click Security & Privacy
3. Click Privacy
4. Click Accessibility
5. Allow KeePassXC to control your computer

Without doing this, you won’t be able to enjoy the feature, as macOS is pretty strict in keeping apps from taking control of your device.

KeePassXC is a Free password manager

KeePassXC is a completely free password manager. That’s right – you get military-grade encryption, a powerful desktop app, and enhanced security features without paying anything.

On the market, you’d find paid products with way less than KeePassXC has to offer. Therefore, I’d even forgive some of its mistakes, because the overall experience is not bad at all, especially if you’re new to the password manager field.

However, if you are somewhat a veteran and know a great deal about cybersecurity, you might want to get a product with a sleek interface, more security features, and mobile apps. If that’s your case, I encourage you to take a look at our best password managers as an alternative.

KeePassXC Customer support

On their website, KeePassXC offers a Documentation and FAQ page as a form of customer support. As I was researching for this review, I used these to find answers, and found many of them covered.

If that’s not enough, you can contact the KeePassXC team via IRC on chat.freenode.net on the following channels:

• #keepassxc (user channel)
• #keepassxc-dev (developer channel)

The team warns – the answers might take some time.

The lack of prompt customer support (i.e., via live chat or an email) is one of the most disappointing aspects of this product. When the issue is urgent, and you have to wait hours if not days, you start thinking twice.

Bottom line

Altogether, KeePassXC is an excellent alternative for two types of people: those who are taking their first steps in the password manager field and those who’ve lost their trust in cloud-based password managers.

On the other hand, KeePassXC could surely improve its website interface, create mobile apps and improve its customer support options.