Password manager KeePass 2.23 update released

The password manager KeePass has been updated today to version 2.23. The update shipped roughly a week after the legacy version of the program got updated to version 1.26.  KeePass 2.x supports additional features and operating systems, but does require the Microsoft .Net Framework 2.0 or Mono 2.6 or higher which KeePass 1.x does not require.

The new version of KeePass introduces several new features, improvements, changes and fixes. A detailed list of all changes is available on this page on the official website.

Since I'm using KeePass as my primary tool to save passwords on my computer systems, I'd like to point out some that I find interesting.

Password generator

First thing that you may find useful is the ability to generate a password straight from the system tray. Just right-click the icon there and select Generate Password to open the password generator window. If you keep KeePass tucked away in the system tray most of the time, it may save you a couple of clicks when generating passwords.

keepass generate password

Password quality

The algorithm that is judging the quality of passwords has been rewritten in the new version. You can find out about the quality by opening any card in the password manager. There you find the quality bar that provides you with a rough indication of a password's security. Values range from 0 (very weak) to over 128 indicating very strong passwords.

password quality

Bookmarks Import

KeePass 2.23 can import Mozilla bookmarks in HTML or JSON format, which you can use for safe keeping for example in the application. To do so, select File > Import and select one of the available options under browser here.

import mozilla bookmarks

Misc changes

  • Support for Roboform's new file format, and Network Password Manager 4.0 CSV files.
  • Option to accept invalid SSL certificates.
  • Import into active database trigger.
  • Improvements to the global KeePass activation hot key.
  • Improved data URI validation.
  • Remembering the last used database does just that now (instead of using the last opened or saved database automatically).

You will be notified by KeePass 2.x that an update is available. There is still no option though to download and install it from that dialog. For that, you need to visit the official website of the service. Download the installer or the portable version from the website and either run the installer or overwrite your current directory if you have downloaded the portable version of the program.

Closing Words

KeePass is getting better and better, and while many may find it too complicated to use, it is not really once you have played around with it for a while.

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail



Responses to Password manager KeePass 2.23 update released

  1. Rahul July 20, 2013 at 4:23 pm #

    hello martin

    this is indeed a great app, it will be awesome if you can write some tips and tricks on keepass to make password management workflow better

    • Martin Brinkmann July 20, 2013 at 5:31 pm #

      I'm not sure if I can get enough tips to warrant an article. Make sure you check out the global hotkey link in this article as it is one of the best features of KeePass.

  2. Dan July 20, 2013 at 7:12 pm #

    I notice the new new password quality meter and a what it is supposed to mean, and I would disagree with the developer. For instance, it rated one of my pseudo-randomly generated 12-char alphanumeric passwords for GMail as 65-bit (weak). But every offline brute-force attack I've read says that they can barely attack more 8 characters in a reasonable amount of time, and 12 chars is a few orders of magnitude higher than that. In my opinion, against a non-governmental adversary, 12 characters is enough security. Most of my passwords are 16-char, but I use 12 for this one cause it can be tedious to type 16 chars every time I access the Google Play store. :p

    Even the NSA or the FBI wouldn't bother to waste time and electricity brute forcing a 12-char password. They'd just perform a "rubber-hose cryptanalysis" on my person, or better yet, they'll just access my cloud account with no warrants necessary. It's tough being a non-American and using US-based cloud services.

    Anyway, I love KeePass 2.xx and I integrate it with my Opera (and Chrome) browsers using the keepasshttp plugin and ChromeIPass extension. It's almost as usable as Lastpass, but without the fear of using the cloud.

  3. Charlie July 22, 2013 at 7:39 am #

    I'm a home user with a desktop (wired) & a laptop (wireless), both running W7 Home Premium & I have no PW manager at present. I travel with the laptop a few times a year. Not at all a computer geek. Would KeePass or LastPass be better for folks like me? We need "simple" but effective. Thanks in advance.

    • Martin Brinkmann July 22, 2013 at 7:48 am #

      Well, the benefit of Last Pass is that the syncing is automatic, which means that you only have to install it in each browser and have your username and password with you to access all of your account information.

      With KeePass, you would have to find a way to sync the password database file between devices. This is not a huge problem but still something that you need to take care of (for instance by uploading it to a file hosting service such as Dropbox).

      • Charlie July 22, 2013 at 5:27 pm #

        LastPass it is. I don't want any complications.

      • Charlie July 22, 2013 at 5:29 pm #

        And 2 PC's x 3 browsers = 6 browser installs. That's enough for me.

Leave a Reply