Password Manager

KeePassXC vs KeePass vs KeeWeb: My Best Password Manager 2022

My best password manager 2022 is KeePassXC combined with Dropbox, Chrome-plugin and KeePass2Android.

KeePassXC Login
KeePassXC Login

My best password manager 2022 is: KeePassXC.

For many years, I have been using KeePass, the original.

It has always worked flawlessly for my purposes. Via Dropbox, I had access from all my devices. On my cell phone, I had KeePass2Android installed.

This way I always had access to all my usernames, passwords, accounts, credit cards, tax ids, other numbers and much more.

Now, I migrated to KeePassXC.

For me, as of now, the much better solution. I’ll explain, why. But first of all:

Why do you need a password manager?

How many passwords do you think you can reliably keep in your head?

In case you – like me – are not too optimistic:

How many usernames and passwords do you want to manage every day, x number of times, by hand, on a piece of paper or in an Excel spreadsheet?

Ctrl C, Ctrl V … seriously?

Where should you keep your passwords?

Passwords are secure if they are long and complicated. Far too complicated to remember or even write them down.

Under no circumstances should you use the same password for different purposes, accounts, user accounts, etc.. Because: if a website has been “cracked”, you want to be sure that at most this one account of yours is affected. Go there, change, done.

Else, you are in a really bad situation, where you might not even know where else you have used the same, maybe already compromised password. And you start pondering (and sweating 🙂 )

So, no doubt. In order to keep your valuable passwords secure and safe, a database is the appropriate solution. Best, in conjunction with a password manager software.

The advantages of a password manager software

Your password manager invents a separate password for each of your accounts, makes it so long and so pointlessly complicated that you don’t even want to write it down.

Now the question becomes, how can you have secure access to your database?

Of course, from as many devices as you like, where you actually need your usernames, passwords, etc.

A password manager software like KeePass or KeePassXC delivers both, a secure database with ubiquitious accessability.

For example, you want to register for an online store or you want to create your next social media account: All you would have to do is, let the password manager create a new entry, give this entry a name, fill in your username and the URL. Maybe you add a note.

Then let the manager create a new, unique password, complete your registration.

Done.

That’s exactly, what a password manager is for, and what it is doing best. Over and over again.

But wait, there is more: the real benefit comes with browser integration!

Probably the biggest advantage: browser integration

In 9 out of 10 cases I have to enter username and password in the web browser.

For all kinds of purposes, starting with online banking, for all kinds of stores and especially for all kinds of websites, databases, social media accounts, WordPress installations, software licenses … you name it 🙂

That’s why you definitely want a so-called browser integration for your password manager.

That is: a plugin for your favorite web browser, be it Chrome, Firefox, Safari, Opera, …

How the browser plugin works

The plugin accesses your password database, detects that the page you accessed requires a login. If matching credentials can be found, these will be copied to the corresponding fields in the login form.

All you have to do, finally, is: click the Login button.

How to get there, step by step

Below, you find all the details, how you could implement your own solution.

By the way: this solution is completely free.

No purchase, no subscription required.

Even if you use cloud storage, as I strongly recommend. If you are the one, that has not been used it yet, then a free account is sufficient. Else, you are already using a cloud storage, and your password database is just yet another reason to use it to your advantage.

Anyway, the good news is: even a very large password collection can be stored in a small database file. This should still fit on any free cloud storage account, be it Google Drive, Dropbox, OneDrive, …

So, what are you waiting for?

KeePass + KeePassHttp + Dropbox + Keepass2Android

Very briefly, just for comparison, my previous solution around KeePass, the Original.

Inventor, developer and maintainer of this unique open-source software is Dominik Reichl. He is still providing and updating two flavors: Version 1.x and 2.x

Both versions are Windows only.

KeePassXC, on the other hand, runs on all major operating systems: Windows, macOS, Linux – see below.

It has always been a mystery to me personally why the clearly limited version 1 is still available. Apparently some users insist on it …

However, from my point of view, version 2 is clearly recommended just because of the Unicode support, UTF-8.

What about browser integration?

There is an endless list of all the official and inofficial KeePass plugins. Impressed? Should not be that problem …

Well, let’s put it this way: more than 5 types of jam is overwhelming the vast majority of us 🙂

For years I have been using the KeePassHttp plugin. In conjunction with various Chrome plugins. Most recently: KeePassHttp Connector.

For some time now, after each update, KeePass has been reporting that the KeePassHttp plugin has not been updated for some time. The developer has apparently dropped it.

Open-source software has such huge advantages. The fact that important developers simply leave at any time and are difficult to replace is definitely not one of them for me.

Let’s keep it short:

Once you have installed KeePassXC, including the one matching browser plugin … no comparison. For that reason alone, I wouldn’t even think about going back to the original KeePass today.

Much better: KeePassXC + Dropbox + KeePass2Android

This is the download page: KeePassXC Download for Windows, MacOS, Linux.

Like the original, KeePassXC is an open-source project. Originated in 2016 from a fork of KeePassX, which has since been discontinued.

The KeePassXC Developer Team currently consists of 6 people.

That is – sorry Dominik – sixfold.

A strong signal of trust: future updates don’t immediately fall away, should a developer drop out.

KeePassXC installation and browser integration

Simply download the main program and – as usual on the respective platform – wave it through until the program starts for the first time.

Currently there are three different browser plugins:

Opera and Safari are not supported.

I am using KeePassXC on several Windows 10 desktops and notebooks, integrated with Chrome.

On installation, sometimes a message appears, this or that library is missing. Then, all you have to do is: follow the instructions, how these things can be installed as well. I had no final issues with any of my installations.

In the following YouTube video, Philipp is demonstrating, how he installs KeePassXC on MacOS, including browser integration.

Since the look and feel is not really that different, on Windows or Linux, this video is useful for everyone interested in this password manager software and its typical user experience.


Youtube Video: by clicking "Play", data is submitted (protected mode)

Free and commercial alternatives

There are so many password manager programs and apps. And even more tests and recommendations. What is real and trustworthy, or due to the affiliate commission … remains to be seen.

In this respect, my recommendation for KeePassXC is unsuspicious. Commissions for free open source software have not been invented yet (unfortunately 🙂 )

But of course I can imagine that my great tip does not meet all individual needs and preferences. Therefore, here is a list to google, as a first overview and start your own comparison journey:

LastPass

  • Windows, Mac, iOS, Android, Linux
  • Chrome, Firefox, Edge, Safari, Opera
  • Optional Two-Factor-Authentication (2FA)
  • Limited free version

Kaspersky

  • Windows, Mac, iOS, Android
  • Browser-Plugin for Chrome, Firefox, Edge, Safari

Avira

  • Plugin for Chrome, Firefox, Edge, Safari, Opera

NordPass

  • Windows, Mac, iOS, Android, Linux
  • Chrome, Firefox, Edge, Safari, Opera
  • Optional Two-Factor-Authentication (2FA)
  • Limited free version

Password Depot

  • Windows, Linux
  • Chrome, Firefox, Safari

Dashlane

  • Windows, Mac, iOS, Android, Linux
  • Chrome, Firefox, Edge, Safari
  • Optional Two-Factor-Authentication (2FA)
  • Optional VPN integration (Virtual Private Network)
  • Limited free version

Enpass

  • Windows, Mac, iOS, Android, Linux
  • Chrome, Firefox, Edge, Safari, Opera

1Password

  • Windows, Mac, iOS, Android
  • Chrome, Firefox, Edge, Safari, Opera
  • Optional Two-Factor-Authentication (2FA)

StickyPassword

  • Windows, Mac, iOS, Android
  • Chrome, Firefox, Safari, Opera
  • Optional Two-Factor-Authentication (2FA)
  • Limited free version

Keeper

  • Windows, Mac, iOS, Android
  • Chrome, Firefox, Safari, Edge, Opera
  • Optional Two-Factor-Authentication (2FA)

Bitwarden

  • Windows, Mac, iOS, Android, Linux
  • Chrome, Firefox, Safari, Edge, Opera
  • Optional Two-Factor-Authentication (2FA)
  • Open-Source

Password manager solutions for teams and enterprises

All the packages mentioned so far are single-user solutions for single users. Except for Dashlane, which is also available in a multi-user version, for entire teams and companies.

Who spontaneously has the idea, multi-user goes fast and cheap, simply mail the master password to everyone … WAIT!

Such “password sharing” is definitely not a good idea. It becomes painfully obvious, for example, when a team member leaves.

Also, from a technical point of view, expect any possible and impossible effects, when you finally find out, e.g. the database or another component actually only handles single users, not several users at the same time, in parallel.

Dashlane Business

Compared to the single license, an employee / user administration functionality is built in here. All components are guaranteed to work even in parallel access of n users simultaneously.

Passwork

Passwork offers similar features to Dashlane Business, but it is your choice, where you do install it: in the cloud or on your own hosting.

The software is developed in Finland. For German customers there are cloud servers in Germany.

What is the most secure password manager?

The most secure password manager is the one with the lowest risk of something going wrong.

What can go wrong?

Hmmm, just a small selection of what I can think of:

  • The server (the cloud) is compromised.
  • The connection between the database and the browser plugin is tapped.
  • You forget the master password.
  • Synchronization between multiple devices fails.
  • You save the database on a USB stick, drop it, someone slips on it, and you forgot to make a backup.
  • You accidentally delete the database file.
  • Your laptop is lost, along with the database and all your passwords.
  • You “share” your master password with someone and can’t find anything.
  • You don’t have Internet, with that device, in that place where you need it.

In my experience, very few problems are of a technical nature. Whether this or that encryption, this or that security protocol, and so on and so forth.

Cloud vs local database

The “cloud”, a server somewhere on the Internet, is not inherently more insecure than a locally stored file.

Fire protection, data backup, access control, etc. probably work drastically better in a professional data center than at your home, for example 🙂

On the other hand, your passwords in particular are so damn critical, important and indispensable data. I would definitely want to keep them under control, personally.

From my point of view, there is no reasonably comfortable and at the same time reasonably secure solution without a cloud. You need at least a Dropbox, Google Drive, OneDrive or a similar online storage.

In contrast to the pure plugin solution, to me, it is worth a lot, that I know where the file is located. I can pull a copy myself, every time I feel like it, and push it somewhere. Without having to depend on what my contract partner is doing (or missing) on his servers.

Proprietary vs Open Source solution

Yes. Open-source solutions are usually less convenient than commercial offerings.

On the other hand: open-source doesn’t go out of business. It will always be available. Those who can, can view the source code, fix bugs, add features, etc.

The larger the community, the more certain I can be.

Conclusion: what’s the best password manager?

THE best password manager does not exist. Has never been and will never be.

The technical standards for encryption and networking will continue to evolve. Established programs and projects are gathering dust and will be replaced by new offerings, all the time.

The biggest uncertainty factor is the person who sets up and uses a password manager, and how he or she comes up with their own concept of how best to deal with these hundreds of accounts that are increasing every day.

And how this person can personally ensure that he himself or she herself does not make any unforgivable mistakes when dealing with these valuable passwords.

As good as humanly possible.

Amen 🙂

Wolfram Kläger is the author of generateCLICKS, founder and CEO of whkmedia, based in Hannover, Germany. When he's not busy with websites and YouTube, Wolfram can be found with his wife, on the road in their Multivan, or he is looking for a coffee and a buttered pretzel.