KeePass 2.60 / KeePass 1.43 Classic

(20 votes, 3.40 out of 5)

2025-11-02 00:00 7310

Download

Description

Changelog

Specifications

KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database.

The databases are encrypted using the best and most secure encryption algorithms. A password database consists of only one file that can be transferred from one computer to another easily.

KeePass supports the Advanced Encryption Standard (AES, Rijndael) and the Twofish algorithm to encrypt its password databases.

Both of these ciphers are regarded as being very secure. AES e.g. became effective as a U.S. Federal government standard and is approved by the National Security Agency (NSA) for top secret information.

KeePass All Features:

KeePass uses the common CSV export format of various passwords safes like Password Keeper and Password Agent. Exports from these programs you can be easily import to your KeePass databases. The password list you can be export to various formats like TXT, HTML, XML and CSV.

The application has portable edition: you can carry it on an USB stick and runs on Windows systems without installation.

Strong Security

The app supports the Advanced Encryption Standard (AES, Rijndael) and the Twofish algorithm to encrypt its password databases. Both of these ciphers are regarded as being very secure. AES e.g. became effective as a U.S. Federal government standard and is approved by the National Security Agency (NSA) for top secret information.
The complete database is encrypted, not only the password fields. So, your user names, notes, etc. are encrypted, too.
SHA-256 is used to hash the master key components. SHA-256 is a 256-bit cryptographically secure one-way hash function. No attacks are known yet against SHA-256. The output is transformed using a key derivation function.
Protection against dictionary and guessing attacks: by transforming the master key component hash using a key derivation function (AES-KDF, Argon2, …), dictionary and guessing attacks can be made harder.
Process memory protection: your passwords are encrypted while KeePass is running, so even when the operating system dumps the KeePass process to disk, your passwords aren’t revealed.
[2.x] Protected in-memory streams: when loading the inner XML format, passwords are encrypted using a session key.
Security-enhanced password edit controls: KeePass is the first password manager that features security-enhanced password edit controls. None of the available password edit control spies work against these controls. The passwords entered in those controls aren’t even visible in the process memory of KeePass.
The master key dialog can be shown on a secure desktop, on which almost no keylogger works. Auto-Type can be protected against keyloggers, too.

Changes in KeePass 1.60 Professional:

New features:

Added option ‘Search for group paths in quick searches’ (in ‘Tools’ → ‘Options’ → tab ‘Interface (1)’, turned on by default).
Added optional main entry list columns ‘Group Path’ and ‘Group Name’ (both turned off by default, can be turned on in ‘View’ → ‘Configure Columns’).
In list views that support selecting multiple items, all items can now be selected by pressing Ctrl+A.
In list views that have a corresponding ‘Delete’ button, the selected items can now alternatively be deleted by pressing the Delete key.
Added empty state messages for list views.
The placeholder confirmation dialog now contains links to the help pages on placeholders and security.
If the global auto-type hot key is Ctrl+Alt+A and the new French Standard AZERTY keyboard layout (introduced in Windows 11 24H2) is active, KeePass now shows a warning dialog (telling the user that Ctrl+Alt+A is in conflict with a system key combination producing a character and where it can be changed).
Added ‘More information’ link in the Ctrl+Alt+A conflict warning dialog.
The clipboard clearing countdown bar now has a tooltip that shows the remaining number of seconds.
When the optimization for screen readers is active, the clipboard clearing countdown bar is now an alert.
When the optimization for screen readers is active, quality progress bars can now be focused (using the Tab key).
Added support for importing Mozilla Firefox 143 passwords CSV files.
Bitwarden JSON import: if the value of a ‘totp’ field consists only of Base32 characters, it is now treated as a shared secret for time-based one-time password generation.
Added support for parsing Unix timestamps in milliseconds.
Added workaround for focus bug after returning from a secure desktop.
ShInstUtil is now built using Visual Studio 2022.
ShInstUtil: added support for generating native ARM64 images (NGen) on ARM64 systems.
When using the MSI file for installing KeePass, native images (NGen) are now generated and the start-up performance is optimized (as the regular installer does by default).

Improvements:

It is now possible to select an item in the drop-down list of the quick search box using the keyboard (the quick search box can be focused by pressing Ctrl+E, and the drop-down list can be opened by pressing Alt+↓).
Disabled auto-completion of the quick search box (because the auto-completion causes a bug when trying to search for a new text while the drop-down list is being displayed).
The commands ‘Show HMAC-Based OTP’ and ‘Show Time-Based OTP’ now display the generated OTP with a larger font (on Windows Vista and later).
In order to avoid selection/Ctrl+A problems, the entry string name auto-completion now does not append suggestions anymore; it only shows a list of suggestions (in which a suggestion can be selected manually).
In the entropy collection dialog, the number of bits generated using the mouse is now displayed on the quality progress bar.
The value of a ‘File/URL’ or ‘Key file’ field of a trigger event/condition/action may now optionally be enclosed in double quotation marks.
When shutting down the system, KeePass now saves the configuration immediately.
Improved parsing of floating-point numbers in some places.
When trying to use the Windows user account as master key component and the ‘ProtectedUserKey.bin’ file cannot be decrypted, KeePass now shows an error message and does not overwrite the file anymore.
Improved handling of unsupported custom icons.
Improved handling of invalid handle values.
Improved plugin loading error messages.
Improved native structure tests.
ShInstUtil: improved command line handling.
ShInstUtil: improved uninstallation of native images (NGen).
ShInstUtil: improved .NET check.
Upgraded installer.
MSI setup: when updating from KeePass 2.60 to a newer version, shortcuts created manually by users (e.g. pinned to the start menu or the taskbar) should not break anymore.
Various code optimizations.
Minor other improvements.

Changes in KeePass 1.43 Classic:

New Features:

Added option ‘Prevent certain screen captures’ (in ‘Tools’ → ‘Options’ → tab ‘Advanced’, turned off by default); note that this may also prevent legitimate other software (remote desktop solutions, accessibility tools such as screen magnifiers, etc.) from seeing KeePass windows.
Added {PASSWORD_ENC} placeholder, which is replaced by the password of the current entry in encrypted form (DPAPI/CryptProtectData).
Added ‘-pw-enc:‘ command line parameter.

Improvements:

Improved database save confirmation dialog text.
Improved behavior of the translation system for untranslatable strings.
Improved project cleanup script.
Upgraded installer.
Various UI text improvements.
Various code optimizations.
Minor other improvements.

Bugfixes:

Fixed a Windows version detection bug.

Homepage – https://keepass.info

Supported Operating Systems: Windows 7, 8, 8.1, 10, 11 (32-bit, 64-bit).

Size: 4.23 MB