참조: KeePass 후기는 아직 한국어로 번역되지 않았으며, 현재 영어로만 제공되고 있습니다. 최상위 패스워드 매니저의 한국어 후기는 2021년 최고의 보안을 자랑하는 비밀번호 관리자 TOP 10 (쿠폰 제공)에서 확인하세요.
SafetyDetectives에서는 공정한 정보를 제공합니다. 여기에 수록된 모든 정보는 사이트 내 링크를 통한 구매와 이로 인해 발생한 수수료와는 무관합니다.

2021년 KeePass 리뷰

7.0
괜찮음
50명의 암호 관리자로부터 27으로 평가됨
50명의 암호 관리자로부터 27으로 평가됨
소피에 앤더슨
소피에 앤더슨
게시 일자: 2021년 1월 17일

전문가 상세 후기

KeePass Password Safe is a different animal in the password managers’ universe. Although many tools are free, KeePass is also a completely open-source based password manager. This has several implications that are pretty important in deciding whether this is the right tool for you.

KeePass is not a flashy, easy-to-use software. Compared to other free password managers, such as LastPass or RoboForm, which feature a modern and friendly interface, KeePass is lagging behind; in fact, a user with no background (even a basic one) in manual software configuration and putting simple scripts to work might be confused by its design and lack of intuitiveness. However, the real value of KeePass is in its surprising amount of features, security strength and versatility—if you are up for the task of learning how to use it. After looking closely at almost 70 password managers, here’s what I thought you really need to know about this unique tool.

Features

KeePass offers two versions of its tool that vary in the basic features available (see screenshot). 1.x is much leaner and may be a good solution for getting started, as both versions are free.

You will find that the 2.x version offers loads of features that cover a wide range of different scenarios and uses (some via plugins). It is an impressive offering and it matches up very well to other password managers on the market (more than LastPass and Dashlane; only Zoho Vault offers a comparable amount, but remember that open-source evolves faster due to its decentralized nature), but you would be wise to consider the learning curve required for integrating the various plugins (over 100!), or scripts and getting familiarized with them. This is relevant to in-demand features, such as a mobile app (there’s an unofficial version available) and browsers’ extensions that are available only through plugins.

The rule of thumb with this password manager’s features is that whatever is not already in the box has a workaround via a plugin, or a third party unofficial development (a mobile app, for instance). The version I reviewed is 2.41, and as an open-source tool, we can expect that its evolution will consist of more and more features in varying specificity levels.

Features

Remember that by default, KeePass stores the data locally on your device. This is great for security compared to other password managers who sync it to a cloud service (Dashlane, for instance) but if you do want to use such an option you can configure KeePass to do so, but expect to do some copying and pasting manually. A good practice would be to put KeePass credentials database on cloud-syncing folders, like OneDrive, Google Drive, etc. There’s no limit to the number of passwords you can create and KeePass also allows you to create as many sub-folders as you want to manage your databases.

Features

Here are the main features to pay attention to:

Top-notch security

KeePass is not shy about its security strength, and they like to show it (see their awards section). The program checks itself with every run and alerts if any of the algorithms fail the test. For those who are apprehensive about the open-source model in a security context, you may want to read what KeePass says on its home page (see screenshot below).

  • Supports AES and Twofish, compounding a very high-security level
  • SHA-256 encryption, a 256-bit cryptographically secure one-way hash function
  • Complete database encryption: KeePass encrypts the password fields, but also usernames, notes and other details as well
  • KeePass process memory protection: passwords are encrypted while KeePass is running. This feature prevents using the process of dumping memory to disk by your OS as a backdoor to reveal your passwords.

Top-notch security

Top-notch security

Multiple user keys

  • One master password is used to decrypt the entire database
  • Using a key file (on its own, or in tandem with the master password). Carrying the file in a physical piece of hardware (a flash drive, for example) means it is safe from cyber attacks, but make sure you don’t lose it!
  • You can combine the key file with the master password for stronger 2-factor authentication encryption. The good news is that losing the key file does not compromise your database’s security.

Multiple user keys

Portable and low-signature version

  • KeePass features a portable version that can be carried on a flash drive and runs on Windows OS without any installation needed (see versions screenshot above)
  • KeePass doesn’t store anything on your system. No new registry keys or INI files are created in a Windows directory.
  • Deleting KeePass (either the ZIP or installer package) doesn’t leave a trace of it in your OS

Import-export standards

KeePass does a good job taking care of its relatively weak point when it comes to browser integration with easily importing and exporting data from other password managers out there (in the pro version). In fact, with over 40 vendors included (LastPass, RoboForm 8, Dashlane 4 and others), it may well be a leader in this category. The downside is that you’d have to do some manual copying and pasting.

  • Password list can be exported to TXT, HTML, XML and CSV formats
  • The XML output can be used in other applications
  • The HTML output employs CSS to format tables for easy layout changes
  • The CSV output is fully compatible with most other password safes
  • The CSVs can be imported by spreadsheet applications like Microsoft Excel

Plans and Pricing

There’s no fine print here: KeePass is totally free, regardless of the version you wish to use. You do have the option to make a donation to support this open-source effort on the website, but it is completely voluntary. As for plans, as I’ve noted in the overview, the difference between the lighter 1.x version and the 2.x (sometimes referred to as “pro”) is in the number of available features. The KeePass website does a good job in comparing the two versions head-to-head according to various categories/use-cases (see screenshot).

Plans and Pricing

Ease of Use and Setup

Installing KeePass to my Windows 10 system was smooth and easy; downloading the desired version was quick and the site is informative and helpful. KeePass was designed to operate in a windows environment and covers even ancient legacy versions (even as far back as Windows 7, via… plugins), but it is compatible with Mac iOS, Linux and other OSs out there.

The major issue with KeePass is the overall UX/UI, namely, the grey Windows 95-style screen that welcomes you once the program is opened. There are no pop-ups, tool-tips or any indication of what you should be doing to actually start putting this tool to good use. This is the downside of the open-source nature of KeePass, as much work was put into the technical security functionalities, but the design obviously suffered major compromises.

Ease of Use and Setup

It’s hard to imagine a non-techy user being comfortable using this password manager. Other then the main menu ribbon, there’s nothing out there to prompt any action. The first thing you want to do is to create a new database by clicking the somewhat obscure icon (see screenshot). From there on you could choose which folders to work with.

The password generator interface is equally old fashioned, yet clear and offers the most configurable, detailed password creation out there (see screenshot). You could set and configure virtually every aspect of your master password as it is rated in real time by the generator. As you noticed with KeePass, the level of features and configuration stands up to the paid competitors in the password management universe, but an ordinary user probably wouldn’t find a use for most of them.

Ease of Use and Setup

Security

As I mentioned earlier, KeePass employs the SHA-256 encryption standard, which is considered the highest in the industry and has shown no major weakness so far. Paring that with the key-file option creates a very powerful 2-factor authentication that incorporates a physical aspect (a flash drive carrying your key-file) that is less vulnerable to cyber attacks. As an out-of-the-box feature, this is very nice (and free!).

As far as I know, the KeePass password management system did not show any critical weakness that is prone to breaches—so, in terms of security, it is a very powerful tool.

If you ‘d like to backup your password database, KeePass doesn’t offer a built-in option, but it is possible to do a manual backup.

Customer Support

KeePass is an open-source venture, as such there’s no major corporate-level support as users have come to expect in password management (and in any other services). The website offers a help page with an FAQ section, but this will not benefit a user that finds technical reading tedious and just needs a helping hand in real time. To their credit, KeePass’s help is very well organized and detailed.

Learning how to perform manual processes and getting around the somewhat bleak interface is done through a wiki that is referred to from the help page (see screenshot).

Customer Support

The program does support a vast number of languages, thanks to the open-source contribution from many individuals from all over the world. In that respect as well, no other password manager has such extensive language support, which would make a lot of users happy around the globe.

Customer Support

KeePass의 제품 및 가격 책정

저자에 대한 정보

소피에 앤더슨
소피에 앤더슨
보안 연구원 & 기자

저자에 대한 정보

원래 소프트웨어 엔지니어로 지난 10년간 보안 연구원 및 기자로 근무했습니다.

Password Managers Comparison

상위 3개의 변경 가능한 암호관리자들를 확인하세요

KeePass 사용자 리뷰

12 0
12 개 리뷰에 기반함. 2 언어에서 9.8
언어
현재 KeePass 한국어에 대한 리뷰가 없습니다. 해당 서비스에 대해 경험이 있으신 경우, 한국어(으)로 리뷰를 작성하는 첫 번째 사용자가 되십시오.
사용자 신뢰도가 우리의 최우선 순위입니다! 백신 회사는 비용을 지불하여 리뷰를 변경하거나 삭제할 수 없습니다.

사용자 리뷰가 없습니다. KeePass의 첫 리뷰어가 되십시오!

후기 작성

KeePass에 대한 리뷰 쓰기

0.0/ 10.0

리뷰를 제출하려면 이메일 주소를 입력하십시오.