KeePass 2.56 released: options search and history improvements
The developer of the free password manager KeePass has released version 2.56 of the Windows application. KeePass is a local password manager by default; this means that it does not require a cloud account or cloud connectivity. It is possible to use sync functionality, but this is completely optional.
The release comes less than a week after the release of KeePass 1.42, which you can read about here.
KeePass 2.56 is provided as a portable version and installer. Note that Windows may throw a SmartScreen warning, which users may want to ignore, as it is a false positive.
KeePass: new features
One of the new features of KeePass 2.56 adds a search to the preferences of the application. You find a new search field at the bottom of the options interface. Use it to find matching entries in the options.
The search highlights the first matching entry while you type. Use the Enter-key to jump between matching items. Note that the search feature does not show the number of found entries. This is not a huge issue, as KeePass does not have thousands of options. Still, listing the total number of found entries and the number of the current entry would be useful.
The second new feature improves the password manager's History feature. The history tab of a selected password displays detailed information about changes to the entry. It reveals when a password has changed and even includes a compare option to compare the data side-by-side.
Tip: to compare two entries, select them both by holding the Ctrl-key and clicking on them. The compare button becomes active once you have selected two entries.
The history interface features a new "more" button. This button includes two options. The first allows you to select all history entries. You may also do that using the keyboard shortcut Ctrl-A.
The second deletes all historic entries. The current data set and any unsaved data sets remain available. All past records are removed, however.
The program's history is useful, as it allows you to check previous passwords and other data, for instance after merging two KeePass databases.
Several smaller improvements are also introduced in the new release. The password manager's process memory protection has been improved. The same has been done for "some report dialogs" according to the official release notes.
Check out the full release notes here for other changes in the new KeePass version.
Closing Words
KeePass is an excellent password manager, especially if you want a local password manager with optional sync functionality. Some users may be deterred by the program's ancient-looking interface. If you look beyond that, you get a powerful password manager that is quite extensible as well, if you want.
You may read about one of these features, KeePass' global login shortcut, here.
Now You: which password manager do you use?
Keepass is awesome. I save my kdb database on Dropbox, so it’s synced and safe. Indeed, it doesn’t include browser or Android apps (by default, only third-party).
Re: Cloud v’s Local
Does keepass have a browser extension as I use that extensively rather than a web browser’s own password manager or even the desktop app? Answer is no but you can use third party plugins. But are not third party plugins now a security risk? Of course they are, one bad actor/app and an app update and all your passwords are stolen, here is what Keepass says:
“Security. Most of the plugins listed on this page are developed by different, independent authors. The KeePass team cannot check all plugins for bugs and malicious code.”
It’s 2024, people want Desktop apps, browser extensions, iOS & Android support, do it through one business or download a bunch of third party apps and hope they are or remain honest.
@Martin,
You wrote an article on the subject of key derivation settings on Keepass back in February last year where you recommended changing the default setting of 60,000 iterations to a higher figure. Here’s the article to save you looking for it: https://www.ghacks.net/2023/02/05/improve-keepass-security-with-this-simple-configuration-change/
But on my Keepass installation the default setting for AES-KDF was, and still is 600,000 not 60,000. I never changed that figure since installing Keepass a long time ago so I wonder if you perhaps had made a mistake and the default was always 600,000.
The history feature is very useful. Especially when updating your password for an existing account, where often you are asked to first enter your existing password and then your new password. If something goes wrong, you can find your existing password in history.
KeePass is a great, solid piece of software.
KeePassXC looks better.
How can anyone be so gullible as to trust people and hardware they know nothing about?
“The internet does not lie!”?
Is hardware mentioned anywhere in the article?
What’s the point in using legacy password managers like this over the cloud-enabled ones? Even if you mention trust, it’s not like it’s plaintext in the cloud or something, guys.
Because cloud-based inevitably takes the following path:
1) Offer free cloud-based service.
2) Once a sizeable amount of people are using it, make it a subscription service.
3a) Gradually keep increasing the subscription fee.
3b) The vendor announces they are discontinuing their cloud-based service and you have two weeks to export your data.
Regarding trust, passwords have to end up in plaintext at some point. Most cloud-based password managers use content scripts, JavaScript that is inserted into every website you visit – so you better hope the vendor is actively on top of any bugs.
There is no magic solution when it comes to passwords, passkeys are likely the best way forward.
@ECJ – >”1) … 2) … 3a) … 3b) …”
None of this has ever happened to Bitwarden.
All that has ever happened with cloud-based password managers is the same thing that’s happened to desktop programs like web browsers: the proprietary versions will always eventually betray your trust, while the freely licensed versions with code that can be inspected and forked by the community at large tend to be self-policing and to gain trust over time.
So it’s not really a matter of online vs offline – it’s freely licensed technology that’s developed out in the open vs proprietary licensed code that is developed in secret. Same issue that’s always existed in all of computing.
Why choose (KeePass vs Bitwarden)? I run both. I have been using KeePass for several years. I have also set up my own self-hosted Bitwarden instance. Bitwarden online is free for most users. I pay for any account even though I self-host because I want to support the developers. I have also donated to KeePass a few times over the years. I tend to keep a double entry system but I don’t “have” to. It’s just my personal preference. Bitwarden is great for quick and easy access and is secured using my hardware keys now. KeePass is very easy to store offline like on a USB drive locked in a safe. Both are fine pieces of software.
You can just use KeePass (Keepass2Android for Android) and store the encrypted file in Google Drive or OneDrive. There’s no point in using “cloud” password managers.
Local storage vs cloud storage. LastPass was compromised twice recently that we know of, even then we didn’t know about it until months later. Legacy password managers like this store your passwords locally on your devices. So more than anything, privacy and possibly better security when you consider how things have been going lately.
I’m currently still using Bitwarden but I’m also exploring this option as a possibility.
Local: full control, less convenience.
Cloud: less control, convenience.
Basically, if you choose local, you eliminate one additional vector where things can go wrong (think attacks, server breaches, bugs).
When I was looking for a replacement for the train wreck that was LastPass, I was originally put off by KeePass’s clunky interface. But I’ve grown to like it, and KP is now my first-choice recommendation for self-hosted password safes (Bitwarden remains #1 if you need cloud-hosted). It’s simple, solid and secure.