KeePass 2.35 has just been released; the latest version of the popular desktop password manager for Windows ships with a new file format and Argon2 support among other things.
KeePass is my password manager of choice, and at least some regulars here on Ghacks are using it as well instead of other password managers.
What I like in particular about it is that it is a local password manager that you can extend if you want to. There are plugins to integrate better in browsers, to sync between devices, and for a lot of other things that some users may like but others don't require.
KeePass was audited recently as well -- version 1.x only however -- and nothing critical in terms of vulnerabilities were found in the password manager.
While you can run an update check in the program itself -- it will check for updates automatically as well -- you will have to download the latest version of KeePass from the official project site as automatic updates are not supported.
Just head over to the downloads page on the KeePass website to download the latest version. The software is as usually offered as an installer and a portable version.
Installation should not pose any issues at all, nothing seems to have changed in the installer. Your old password database files will load just fine in the latest version of KeePass, so nothing changed in this regard as well.
KeePass 2.35 ships with a new file format, KDBX 4, which offers improvements over previous versions and new capabilities. We talked about the benefits in a previous article already, so only the basics this time.
KDBX 4 supports ARgon2 key derivation. The function won the password hashing competition recently. The main advantage of it over the function used previously is that it offers better resistance against GPU/ASIC attacks.
KeePass users can choose between AES-KDF (the default used in KeePass 2.34 and earlier) and Argon2 in the database settings:
Other improves in the new KeePass 2.35 include:
You can access the full list of changes of KeePass 2.35 on the official website.
KeePass 2.35 improves the password manager in several meaningful ways. The new database file format supports new features and a new key derivation function. There is also a new encryption algorithm, and plugins are bound to become more powerful with the extra features they can now utilize.
The upgrade to KeePass 2.35 from previous versions worked fine on two test systems I ran the upgrade on. Everything worked just like before after the upgrade completed.
Now You: Which password manager do you use, and why?
If you like our content, and would like to help, please consider making a contribution: