KeePassX

Development stopped

KeePassX is no longer actively maintained.

You might want to switch to KeePassXC which is based on KeePassX.

Comments Off on Development stopped

KeePassX 2.0.3 released

We’re happy to announce the latest bugfix release of KeePassX.

Full changelog:

  • Improved error reporting when reading / writing databases fails. [#450, #462]
  • Display an error message when opening a custom icon fails.
  • Detect custom icon format based on contents instead of the filename. [#512]
  • Keep symlink intact when saving databases. [#442].
  • Fix a crash when deleting parent group of recycle bin. [#520]
  • Display a confirm dialog before moving an entry to the recycle bin. [#447]
  • Repair UUIDs of inconsistent history items. [#130]
  • Only include top-level windows in auto-type window list when using gnome-shell.
  • Update translations.
  • You can fetch the new release from the downloads page.

Comments (164)

KeePassX 2.0.2 released

We’ve just released KeePassX 2.0.2 which fixes important regressions from 2.0.1.
Please upgrade as soon as possible.

Full changelog:

  • Fix regression in database writer that caused it to strip certain special
    characters (characters from Unicode plane > 0).
  • Fix bug in repair function that caused it to strip non-ASCII characters.

You can fetch the new release from the downloads page.

Comments (68)

KeePassX 2.0.1 released

We’re happy to announce the latest bugfix release of KeePassX.

If you were unable to open your database and got the error message XML error: Unexpected '':
Please upgrade to version 2.0.1 and repair your database with Database > Repair database.
The error is caused by certain special (unprintable) characters in the database.
These characters could find their way into the database by pasting them into an entry or by importing a .kdb database.

Full changelog:

  • Flush temporary file before opening attachment. [#390]
  • Disable password generator when showing entry in history mode. [#422]
  • Strip invalid XML chars when writing databases. [#392]
  • Add repair function to fix databases with invalid XML chars. [#392]
  • Display custom icons scaled. [#322]
  • Allow opening databases that have no password and keyfile. [#391]
  • Fix crash when importing .kdb files with invalid icon ids. [#425]
  • Update translations.

Special thanks to everyone who reported the bugs and to all the translators!

You can fetch the new release from the downloads page.

Comments (3)

KeePassX 0.4.4 Security Update released

Two security flaws have been discovered in KeePassX 0.4.3.
Version 2.0 has a different codebase and is not affected.

  • CVE-2015-8359: DLL Preloading vulnerability on Windows
    The version of Qt bundled with KeePassX 0.4.3 is vulnerable to a DDL preloading attack.
    This vulnerability only affects KeePassX on Windows.
    If successfully exploited, arbitrary code can be executed in the context of KeePassX.
    KeePassX 0.4.4 ships with Qt 4.8.7 and employs additional hardening measures.
    Thanks to Trenton Ivey from SecureWorks for reporting this vulnerability to us.
  • CVE-2015-8378: Canceling XML export function creates export as “.xml” file
    When canceling the “Export to > KeePassX XML file” function the cleartext passwords were still exported.
    In this case the password database was exported as the file “.xml” in the current working directory (often $HOME or the directory of the database).
    Originally reported as Debian bug #791858

KeePassX 0.4.4 fixes both vulnerabilities.
It is available as a source tarball and Windows / Mac OS X binaries: Download
The OS X bundle contains only a 64bit binary (compared to 0.4.3 which shipped as i386 and powerpc).
The fix for CVE-2015-8378 is also available as a patch: CVE-2015-8378.patch

We will still provide security support for the 0.4 series for some time but please consider updating to version 2.0 instead.

Comments (36)

KeePassX 2.0 has arrived

We’re proud to announce the first stable release of the KeePassX 2 series after several years of development.

KeePassX 2.0 is using the new .kdbx (same as KeePass 2) database format.
You can import your .kdb database from 0.4 from the Database > Import KeePass 1 database.
This is a one-way process though. You can’t migrate back to the .kdb format.

New features include:

  • Multiple attachments per entry
  • Add custom key/value pairs to entries
  • Open multiple database in one window

KeePassX 2.0 has been rewritten from scratch so some features (like showing expired passwords) are still missing.

The important changes compared to beta 2 are:

  • Improve UI of the search edit.
  • Clear clipboard when locking databases. [#342]
  • Enable Ctrl+M shortcut to minimize the window on all platforms. [#329]
  • Show a better message when trying to open an old database format. [#338]
  • Fix global auto-type behavior with some window managers.
  • Show global auto-type window on the active desktop. [#359]
  • Disable systray on OS X. [#326]
  • Restore main window when clicking on the OS X docker icon. [#326]

You can fetch the new release from the downloads page.

Comments (79)

KeePassX 2.0 Beta 2 released

Due to some important bugfixes we are releasing another beta.
Hopefully this will be the last before the final release.

The most important changes are:

  • Fix crash when locking with search UI open [#309]
  • Fix file locking on Mac OS X [#327]
  • Set default extension when saving a database [#79, #308]

Please test the new version and report any issues at https://www.keepassx.org/dev/.

Download:

You can also checkout the latest source code from our git repository at https://github.com/keepassx/keepassx.

Beware: this is a beta release. While I believe the code base is already rather stable make sure to regularly backup your database.

Comments (82)

First 2.0 Beta released

We are proud to announce the first beta release of version 2.0.

The most important changes are:

  • Remember entry column sizes [#159]
  • Add translations
  • Support opening attachments directly
  • Support cmd:// URLs [#244]
  • Protect opened databases with a file lock [#18]
  • Export to csv files [#57]
  • Add optional tray icon [#153]
  • Allow setting the default auto-type sequence for groups [#175]
  • Make the kdbx parser more lenient
  • Remove –password command line option [#285]
  • Lots of bugfixes

Special thanks to all the contributers who reported bugs, translated KeePassX and submitted pull requests.

I hope to keep this release cycle much shorter than the previous ones. Only bugfixes and translation updates
will make it into 2.0 at this point.

The development of version 2.1 will start in the master branch while 2.0 will be maintained in it’s own branch.
As Qt 4 will be EOL soon KeePassX 2.1 will only support Qt 5.

Please test the new version and report any issues at https://www.keepassx.org/dev/.

Download:

You can also checkout the latest source code from our git repository at https://github.com/keepassx/keepassx.

Beware: this is a beta release. While I believe the code base is already rather stable make sure to regularly backup your database.

Comments (78)

Beta slowly approaching

Several people asked us by mail or in the comments if the project is still alive.
I can assure you that we haven’t abandoned it!
It is progressing slower than I would like but it is just a hobby project with only few developers after all.
You can follow the development on our tracker or on Github.

That said I hope to be able to release the first beta in the not too distant future.
The main blockers are two features: CSV export and file locking (so you can’t accidentally overwrite a database that has been opened by another user).
After the beta release we will focus on bugfixes in preparation for the final version 2.0.

That’s it for now. I’ll try to post updates about the development progress more regularly from now on.
Thanks for sticking with us!

Comments (55)

KeePassX 2.0 Alpha 6 released

I hereby announce the latest alpha release of KeePassX: 2.0 Alpha 6.

It fixes a security issue that allows you to use global auto-type even when the database is locked.
Thanks to Dmitry Medvinsky for reporting this.

The most important changes are:

  • Add option to lock databases after user inactivity [#62]
  • Add compatibility with libgcrypt 1.6 [#129]
  • Display passwords in monospace font [#51]
  • Use an icon for the button that shows/masks passwords [#38]
  • Add an option to show passwords by default [#93]
  • Improve password generator design [#122]
  • On Linux link .kdbx files with KeePassX
  • Remember window size [#154]
  • Disallow global auto-typing when the database is locked

Special thanks to Albert Weichselbraun and Michael Curtis for their contributions to this release.

Please test the new version and report any issues at https://www.keepassx.org/dev/.

Download:

You can also checkout the latest source code from our git repository at https://github.com/keepassx/keepassx.

Beware: this is an alpha release. While I believe the code base is already rather stable make sure to regularly backup your database.

Comments (162)