KeePass is the password manager that does not change. It has been operating consistently since 2003, has not been acquired, has not pivoted to a SaaS model, has not added cryptocurrency features, and has not introduced subscription pricing. The product remains free, open source, and stubbornly local-first. For users who specifically value these properties, KeePass remains the right answer.
What KeePass is
KeePass is a free open-source password manager developed by Dominik Reichl since 2003. The original Windows version (KeePass Password Safe, sometimes called KeePass 2) is .NET-based. Various cross-platform implementations exist:
- KeePassXC: cross-platform fork (Windows, macOS, Linux), the most-recommended for non-Windows users
- KeePassDX: Android implementation
- Strongbox: iOS implementation (paid)
- KeeWeb: web-based viewer/editor
The product stores passwords in an encrypted .kdbx file. The file is encrypted with your master password and optionally a key file. There is no built-in cloud sync; you choose how to synchronize the file across devices (Dropbox, Sync.com, self-hosted Nextcloud, manual file transfer, anything).
The product is genuinely free. No subscriptions, no premium tiers, no hosted service fees.
What KeePass does well
The portability is unique. Your password vault is a file. You control where it lives. You can move it between devices via any sync mechanism. If you stop using KeePass, your file is still readable by other KeePass-compatible clients indefinitely.
The encryption is strong. Modern KDBX format uses Argon2 for key derivation (resists offline brute force well) and AES-256 or ChaCha20 for content encryption. The cryptographic implementations have been independently reviewed.
The lack of cloud dependency is meaningful. If KeePass the project disappeared tomorrow, your files still work. Your data is not held hostage by any service’s continued operation.
The customization is extensive. KeePass supports plugins, custom fields, complex entry organization, scripting integration, command-line tools.
The KeePassXC fork is actively maintained, cross-platform, well-tested, and has excellent integration with browsers via the KeePassXC-Browser extension.
What KeePass does less well
The user experience is genuinely worse than 1Password or Bitwarden. The interface is functional but dated. Setup requires more steps than the cloud-based competitors.
The mobile experience requires third-party apps (KeePassDX on Android, Strongbox on iOS). These are good but vary in polish.
The synchronization is your problem. You handle keeping the file in sync across devices. This is flexibility, but it is also more work than competitors that handle sync automatically.
The collaboration features are essentially nonexistent. Sharing a password with a family member requires sharing the database file or using a separate shared database.
The browser integration is functional but less smooth than 1Password’s or Bitwarden’s. The KeePassXC-Browser extension works well but feels less integrated.
The mobile-to-desktop workflow is more friction. Cloud-based managers handle this seamlessly; KeePass requires you to think about file sync.
How KeePass compares
Versus Bitwarden Premium ($10/year): Bitwarden has cloud sync built in, better mobile UX, easier collaboration. KeePass has no recurring cost, no cloud dependency, more customization. For most users wanting easy: Bitwarden. For users wanting maximum control: KeePass.
Versus 1Password ($36/year): 1Password is more polished, has more advanced features, costs $36/year. KeePass is free with worse UX. For users prioritizing polish: 1Password. For users prioritizing free and self-controlled: KeePass.
Versus self-hosted Vaultwarden: Vaultwarden gives you the Bitwarden experience with self-hosted server. KeePass gives you a file. Both eliminate cloud dependency; Vaultwarden is more user-friendly, KeePass is more file-portable.
Use cases where KeePass wins
You specifically want a local-first password manager with no cloud dependency.
You want zero recurring cost.
You value extreme portability of your password file.
You enjoy the customization and plugin ecosystem.
You are a technical user who does not need the polish of commercial alternatives.
Use cases where KeePass loses
You want the smoothest user experience. 1Password.
You want easy family sharing. 1Password Families.
You want easy multi-device sync without thinking about it. Bitwarden or 1Password.
You want a polished mobile experience. Cloud-based competitors.
You are managing passwords for non-technical family members. KeePass is too much friction for them.
A practical setup pattern
For users adopting KeePass:
-
Install KeePassXC on your primary computer.
-
Create a database with a strong master password (and optionally a key file for additional security).
-
Decide your sync strategy. Common options:
- Dropbox/iCloud/OneDrive sync (the .kdbx file lives in cloud storage; clients access it from there)
- Self-hosted Nextcloud or Syncthing for sync without commercial cloud
- Manual file copy between devices (works for low-frequency users)
-
Install KeePassXC-Browser extension and integrate with your browser.
-
Install KeePassDX (Android) or Strongbox (iOS) on mobile, configured to access the same .kdbx file via your sync mechanism.
-
Test the sync. Add a password on one device, verify it appears on others.
The setup takes 1-2 hours for someone new to it.
A specific recommendation
For users who specifically want a local-first, free, open-source password manager: KeePassXC plus the platform mobile apps (KeePassDX/Strongbox). Sync via Syncthing or Nextcloud for full self-control, or via Dropbox/iCloud for simplicity.
For most users who want easier UX and are willing to pay $10/year: Bitwarden Premium. Better daily experience for most use cases.
For users who want polish and family sharing: 1Password Families at $60/year.
For technical users who want maximum control and zero recurring cost: KeePassXC is the answer.
KeePass | KeePassXC | KeePassDX | Strongbox
Related: 1Password versus Bitwarden in 2026, Bitwarden setup walkthrough on a five dollar VPS