Jump to content

KeePassDX

From Wikipedia, the free encyclopedia
KeePassDX
DeveloperKunzisoft
ReleaseNovember 17, 2017; 8 years ago (2017-11-17)
Stable release
4.4.5[1] Edit this on Wikidata / 15 June 2026
Written inKotlin, Java, C
Operating systemAndroid
Available inMultilingual
TypePassword manager
LicenseGPL-3.0-or-later
Websitewww.keepassdx.com
Repository

KeePassDX is a free and open-source offline password manager designed for Android. Developed and maintained by Kunzisoft, the software operates locally without built-in network permissions, relying on external synchronization tools for cross-device database management.[2]

KeePassDX natively supports legacy KeePass 1 (.kdb) files alongside current KeePass 2.x (.kdbx) implementations. This makes it cross-compatible with desktop clients like the original KeePass[3] and KeePassXC.

Features

[edit]

KeePassDX is written in Kotlin, Java, and C, and uses standard encryption methods to secure vaults, including AES-256, Twofish, and ChaCha20, combined with the Argon2 key derivation function to guard against brute-force attacks.

Key features include:

  • Advanced Authentication Security: Support for alternative database locking options beyond standard master passphrases, including cryptographic key files and YubiKey hardware-backed challenge-response protocols.[4]
  • Magikeyboard: A virtual keyboard implementation that allows users to input login credentials directly into target text fields. This mechanism bypasses the native Android system clipboard entirely to protect data from clipboard-sniffing malware.[5]
  • Passphrase Generation: A built-in generation utility integrating the Electronic Frontier Foundation (EFF) long wordlist to construct secure, multi-word passphrases locally.[6]
  • Biometric Authentication: Integration with native device hardware, such as fingerprint scanning and facial recognition, allowing users to securely unlock local database files without re-entering the master password.[5]
  • Two-Factor Authentication: Integrated support for generating TOTP and HOTP tokens directly within credential entries.[5]
  • Database Versatility: Ability to read, modify, and convert KeePass database versions 1 (.kdb) and 2 (.kdbx).[3]

Security and privacy

[edit]

KeePassDX requires no internet permissions in its manifest file, making it incapable of network telemetry or remote data transmission.[2] Mobile tracker audits conducted by Exodus Privacy verified that the codebase contains zero third-party tracking scripts, analytical software development kits, or advertising packages.[7][8]

See also

[edit]

References

[edit]
  1. "Release 4.4.5". 15 June 2026. Retrieved 16 June 2026.
  2. 1 2 Rutnik, Mitja (October 28, 2025). "Don't trust big tech? These are the 5 offline-first apps I recommend". Android Authority. Retrieved June 8, 2026.
  3. 1 2 Vonau, Manuel (November 23, 2023). "Best password managers". Android Police. Retrieved June 8, 2026.
  4. "Yubikey: Use for KeepassXC and KeepassDX #1480". GitHub. January 12, 2023. Retrieved June 8, 2026.
  5. 1 2 3 Kuketz, Mike (February 2021). "KeePassDX: Magikeyboard und Autofill im Android-Alltag nutzen (Passwörter Teil 2)". Kuketz IT-Security Blog (in German). Retrieved June 8, 2026.
  6. "Add mnemonics to generator #218". GitHub. December 15, 2018. Retrieved June 8, 2026.
  7. "Report for com.kunzisoft.keepass.free". Exodus Privacy. January 16, 2026. Retrieved June 8, 2026.
  8. Vonau, Manuel (February 26, 2021). "LastPass analytics code raises questions about potential security issues". Android Police. Retrieved June 8, 2026.
[edit]