If there was one thing that ought to be improved, that I haven't seen any improvement in thus far, it's the UI.
It's hideous and uses a completely wrong metaphor. It's like an MFC wizard app from 1996. Toolbar buttons for creating new password databases? Requiring manual saves, so that it loses your password if you accidentally close without saving? The way it's currently set up, it thinks it's an editor for password databases, you know, for all those password databases you edit on a daily basis, email around the company, etc.
It ought to have a search-oriented interface, perhaps bound to a hotkey, perhaps with pinning of commonly used passwords - almost anything would be better than the treeview / listview combo. Auto-save should be the default, as well as versioning, and it should be damn hard to lose passwords even when your database is stored on dropbox and has conflicting updates from multiple locations.
Have a look at my Bluepass project. It uses a much more modern UI and has P2P sync built in. I did a (failed) fundraiser for it on Hacker News 6 months ago. After the fundraiser failed I continued to work on it in my spare time. See bluepass.org and github.com/geertj/bluepass. I'm about 2-3 weeks away from releasing an updated version.
There are autosaving options in Preferences, check it out. The UI can be improved, sure, but you have to remember that this is a complete rewrite of the 1.x version in order to support KeePass v2 format -- it's not even reached feature parity with the old version (although new features are starting to appear, like AutoType).
And of course, this is Free Software; if you think it's so bad, propose a patch or fork it.
I currently use KeePass on Windows, Linux, and Android. Can anyone explain what KeePassX is and what its relationship with KeePass is? All I can seem to find is that it's a cross platform version of KeePass (which KeePass is for my needs) and only supports the older database format.
I use KeePassDroi d (annoying text break) on Android, KeePassX on Mac and Linux but the Windows KeePass doesn't read the same file type as the others, unless I'm missing something? I want to use the same database file for all three OSesess.
KeePass 1.x does not support the new database format and saves its databases as KDB files. KeePass 2.x uses the new database format (KDBX) and it can also import KDB databases created with KeePass 1.x.
I use the same combination myself (KeePassDroid on Android, KeePassX 2 alpha on Linux, KeePass 2 on Windows) with a single KDBX database and I can read the database fine on all OSes. However, I avoid editing the database on Android and on Linux, since KeePassX 2 is still alpha, while KDBX support in KeePassDroid is still experimental.
Try Keepass2Android - it uses the Mono libraries of Keepass 2 running natively on Android, and now supports merging external changes to the database. I've been using it for 6 months now without a hiccup.
I know exactly what you mean about the annoying text break on Android. Just as an FYI, I've upgraded my Nexus 4 to 4.4.2 and installed the Google Experience Launcher and now the name displays properly on a single line. I installed the GEL just to try it out and, as stupid as it may sound, I'd be lying if I said the fixed KeePassDroid label wasn't a major factor in leaving it installed.
The original KeePass was only for windows. Someone forked it and made KeepassL for linux. It was then rewritten for cross compatibility and came to be known as KeePassX. Now that the Keepass itself is cross compatible, it kind of makes KeepassX redundant.
Or maybe KeePass is redundant with KeePassX available.
The KeePass model of development is not very appealing to contributors or anyone who might want to review the code for security. KeePass has no official public repository and only has a dump of the source code for each version the author releases. (Although some people have turned them into repos, the lack of proper commit logs means it's not very easy to see exactly what is being changed[1])
On the other hand, KeePassX is developed in the open like most open source software. I think I'd rather trust that people are reviewing the code here.
I have always used KeePassX for the simple reason that it does not depend on Mono. There had been uncertainty of the legal and ideological status of Mono as a free/open source project [citation needed] with respect to the Microsoft Community Promise. As a result, I had always stayed away from all things Mono. Has that situation changed for the better?
It's "cross compatible" only in as much as the .NET Framework is, i.e. not much. Mono is one big hack to bring what is a Windows-based framework to other platforms.
KeepassX is built on Qt, which is a truly cross-platform toolkit.
Not really. Keepass2 has a lot of problems on Linux based operating systems.
Keepassx however, while lacking in embellished features works perfectly and fits right into gnome shell.
I'm pretty sure KeepassX supports the new database format -- I think their FAQ is wrong. Its relationship with KeePass is just that it's another program that can open that file format; they aren't really "related." I use it on my Mac because it works better than using regular KeePass through Mono.
The 2.0 series of KeePassX does support the newer (2.0) KeePass database format. I've been using the Alpha 3 for a while now and it works well on OS X. The biggest thing I miss from the Windows version is the password generator.
Didn't realize they released a package for KeePass - when I looked a few years ago, I ended up using KeepassX because I couldn't find one, and it's worked great for the past 2 years for me.
You can store the .kdb file on a shared dropbox folder. I know it's not as safe as keeping separate .kdb files (theoretically your dropbox folder can be hacked, but they still would need your master password), but to me it's a sacrifice in the name of convenience.
Pro tip: you can even sync to the minikeepass app on your iphone. It's great having all your passwords always with you!
I use both KeePass and KeePassX (and KeePassDroid on my phone) -- I should make some donations tonight.
I'll be really, really, REALLY happy when KeePassX works with browser plugins like regular KeePass does, so you don't have to always copy and paste things.
I updated last night by pure chance (from 2.0 alpha 3)! I was pleasantly surprised by the fact that it now works great with Retina screens. The only feature I miss is xml import/export (there's an undocumented utility for export, but I had to compile from sources to find it). It works great for my usecase anyway (lots of separate databases for different clients, saving files from both OSX and Win). A little gem! Shame I don't really know C++ or I'd contribute.
Seriously happy about this software - lastpass and its commercial ilk: why would I trust my life (ok passwords) to a car where I'm not allowed to open the hood?
Use a cloudservice to sync the database file of Keepass. I use ownCloud for this. Then have the KeepassX portable version on a USB stick or just download it from any computer connected to the internet.
Open-source and self-hosted (when using owncloud). Works for me!
I'd really like love products like lastpass and the like, but a local only, self administered solution is, at least to me, the obvious way to go.
Also, they have a "donate" button on their site, just donated a tad, and I encourage others to do the same!