Key Details of Keepass2Android Password Safe

  • Keep and manage your passwords in KeePass 2.x compatible database on your Android device.
  • Last updated on
  • There have been 4 updates
  • Virus scan status:

    Clean (it's extremely likely that this software program is clean)


Enlarged image for Keepass2Android Password …
Keepass2Android Password Safe 0/1

Editors' Review

Download.com staff

Keepass2Android is an unofficial port to Android of the popular open-source password manager KeePass on Windows.

Pros

Stores and secures passwords: Keepass2Android can store your passwords locally on your phone or in a cloud service, such as Dropbox. The database is encrypted using the industry-standard AES-256 and protected with your master password. You can copy and paste your username and password from the database to the log-in screen or turn on the autofill service to automatically populate log-in fields.

Works with Windows Keepass database: If you already Keepass on Windows, you store the Windows password-manager database in the cloud to access from your Android device or you can copy the database to your phone. The Android app can read to and write from the database. You can, of course, just create a new database if you don't use Keepass on other platforms.

Free: The app is free to use on the Android platform.

Available across platforms: The Windows version of Keepass is the official build of the password manager. Its community has ported the open-source tool to Linux, Mac, Android, and iOS, as well as Chrome, Firefox, Safari, Internet Explorer, and other popular browsers. If you want to run Keepass on other platforms, you might need to do a bit of digging to find the apps for those other OSes or browsers.

SEE: The 5 Best Android Password Managers to Keep Safe Your Passwords

Cons

Extra work: Keepass2Android is suited to those who don't mind fiddling with their apps in the setup process. So if you'd rather just download, install, and start using a password manager that syncs automatically across your platforms, Keepass2Android is probably not the app for you.

Bottom Line

If you like Keepass on Windows, Keepass2Android is a way to use the open-source password manager on your Android phone. It takes a bit of work to set up, but once it gets going, it's a handy way to securely store passwords and autofill log-in screens.

What's new in version 1.11-r0

Switch to ykDroid instead of YubiChallenge as app for Yubikey Challenge-Response.

Implement support for KeepassXC-style Challenge-Response. Note: Database format must be KDBX4!

Refuse to load trashed files from Google Drive

Switch TLS implementation for FTPS, add workaround to JSch bug with servers supporting gssapi-with-mic

bug fixes

Adapt keyboard to behavior changes in Android P.



Explore More


Full Specifications

GENERAL
Release
Latest update
Version
1.11-r0
OPERATING SYSTEMS
Platform
Android
Operating System
Android 13.0
POPULARITY
Total Downloads
3,743
Downloads Last Week
2

Report Software

Program available in other languages


Last Updated


User Reviews

5/5

1 User Votes


Developer's Description

Keep and manage your passwords in KeePass 2.x compatible database on your Android device.

Keepass2Android is an open source password manager application for Android. It reads and writes .kdbx-files, the database format used by the popular KeePass 2.x Password Safe for Windows and other desktop operating systems.

The user interface is based on Keepassdroid, ported from Java to Mono for Android. The backend uses the original KeePass libraries to handle file access to ensure file format compatibility.

Main features of the App are

* read/write support for .kdbx (KeePass 2.x) files

* integrates with nearly every Android browser (see below)

* QuickUnlock: Unlock your database once with your full password, re-open it by typing just a few characters (see below)

* Access files from the cloud or the web (Dropbox, Google Drive, SkyDrive, FTP, WebDAV). You can use "Keepass2Android Offline" if you don't need this feature.

* Integrated Soft-Keyboard: Switch to this keyboard for entering user credentials. This shields you from clipboard based password sniffers (see below)

* support for editing entries including additional string fields, file attachments, tags etc.

* search dialog with all search options from KeePass 2.x.

Required privileges:

* Access SD Card

* Access Internet (required for accessing files via FTP/WebDav). Install "Keepass2Android Offline" if you don't want to grant this privilege.

* Vibrate

Bug reports and suggestions: https://github.com/PhilippC/keepass2android

== Browser integration ==

If you need to lookup a password for a webpage, go to Menu/Share... and select Keepass2Android. This will

* bring up a screen to load/unlock a database if no database is loaded and unlocked

* go to the Search Results screen displaying all entries for the currently visited URL

- or -

* directly offer the Copy Username/Password notifications if exactly one entry matches the currently visited URL

== QuickUnlock ==

You should protect your password database with a strong (i.e. random and LONG) password including upper and lower case as well as numbers and special characters. Typing such a password on a mobile phone every time you unlock your database is time-consuming and error-prone. The KP2A solution is QuickUnlock:

* Use a strong password for your database

* Load your database and type the strong password once. Enable QuickUnlock.

* The application is locked after the time specified in the settings

* If you want to re-open your database, you can type just a few characters (by default, the last 3 characters of your password) to unlock quickly and easily!

* If the wrong QuickUnlock key is entered, the database is locked and the full password is required to re-open.

Is this safe? First: it allows you to use a really strong password, this increases safety in case someone gets your database file. Second: If you loose your phone and someone tries to open the password database, the attacker has exactly one chance to make use of QuickUnlock. When using 3 characters and assuming 70 characters in the set of possible characters, the attacker has a 0.0003% chance of opening the file. If this sounds still too much for you, choose 4 or more characters in the settings.

QuickUnlock requires an icon in the notification area. This is because Android would kill Keepass2Android too often without this icon. It does not require battery power.

== Keepass2Android Keyboard ==

A German research team has demonstrated that clipboard-based access of credentials as used by most Android password managers is not safe: Every app on your phone can register for changes of the clipboard and thus be notified when you copy your passwords from the password manager to your clipboard. In order to protect against this kind of attack, you should use the Keepass2Android keyboard: When you select an entry, a notification will appear in the notification bar. This notification lets you switch to the KP2A keyboard. ON this keyboard, click the KP2A symbol to "type" your credentials. Click the keyboard key to switch back to your favorite keyboard.