Should I use KeePass or KeePassX
February 27, 2017 10:44 PM   Subscribe

I am using LastPass now, but have read that KeePass is a better choice. But then I find there are two variants. I use Windows 7 PC andan Android smart phone. Is there a security difference between KeePass and KeePassX or should I use whichever has a prettier (to me) interface?
posted by twsf to Computers & Internet (7 answers total) 10 users marked this as a favorite
I've been a longtime KeePass user. and I'm perfectly happy with it.
I'm pretty sure the only Android/Windows phone apps available (KeePassDroid etc.) are unofficial ports. The main thing with KeePass is the database format; in theory, any of the client apps ought to be as secure as any other - you just need to satisfy yourself that you trust whoever made the port, that the source is available, and that (in the case of a phone app) it isn't asking for more permissions than it ought to.
posted by pipeski at 3:08 AM on February 28, 2017 [1 favorite]

tl;dr: for each device pick the one that's easier for you to use on it.

Firstly, you're probably aware of this but keep in mind LastPass and KeePass are not directly equivalent in functionality. You'll need to manually sync the KeePass database between all devices you own every time you make any changes to it. I'm sure other KeePass users will chime in with their preferred methods of doing so.
I believe LastPass does this automatically for you because a copy of your password database is stored somewhere in a server you don't control, ie the cloud.

With that out of the way, unless something has changed recently, both KeePass and KeePassX use the exact same database format, meaning you can use whichever you like best for each of your devices.
Actually, since neither of the 2 has an Android version you'll have to use at least two different programs, one for your smartphone and other for the PC. Again, since they share the database format, this should cause no issue apart from different UIs in each device, as long as you keep the database file properly synced.

If there are security differences they are down to the implementation of each particular program. AFAIK, none of the 2 you listed has any serious vulnerabilities currently disclosed.
posted by Bangaioh at 3:24 AM on February 28, 2017

I use KeePassX - syncing the dB file to SpiderOak so that it is shared across devices. However, Dropbox or whatever is perfectly safe to use too as the dB file is encrypted.
posted by COD at 5:35 AM on February 28, 2017 [1 favorite]

I use KeePass on Windows and KeePassX on Mac/Linux. Same DB.
posted by LoveHam at 8:38 AM on February 28, 2017 [1 favorite]

I use KeePass on a Windows PC (and MiniKeePass on 3 iOS devices--don't know if there is an Android version). I'm happy with both and with syncing the databases manually. KeePass has a stand-alone version that you can run off a USB stick--I carry a copy of that and the database with me. I stick to KeePass precisely because it doesn't need to go near the web.
posted by Logophiliac at 8:47 AM on February 28, 2017

I use Keepass2Android on Android and KeePassX on Mac, synced via Dropbox (Dropbox's Mac app and the DropSync Android app). No effort, no issues.
posted by TruncatedTiller at 1:41 PM on February 28, 2017

Thanks for all the insights. For cross platform ease-of-use reasons, I decided to go with LastPass and have been happy with it.
posted by twsf at 6:41 PM on April 5, 2017

« Older Drop the meat and nobody gets hurt   |   Business Intelligence for a small organisation Newer »
This thread is closed to new comments.