Trying out KeeWeb and MiniKeePass password manager

Posted

I've been a long time iOS 1Password user, but recently started looking at alternatives. I discovered KeePass, KeeWeb and MiniKeePass, all open source.

I have 1Password (the Pro IAP for iOS costs $9.99 as of writing) and it has lots of great features like templates, web site icons, Touch ID, iCloud sync with multiple devices, etc. But:

  1. The macOS or Windows version is expensive but one-time ($64.99).
  2. I doesn't sync iOS with Windows as I do not wish to use Dropbox.
  3. No attachments in iOS.
  4. From iOS I cannot export / convert data.

I also tried Dashlane, which also looks great and is easy to use. But it too has various constraints, for example, it can export / import data from the desktop version, but not the iOS version, instead requiring a subscription to sync ($39.99 per year).

So I started looking for alternatives, and stumbled on KeeWeb over at the Electron Apps page.

KeeWeb on macOS

KeeWeb has a desktop app for Windows, macOS and Linux. For other platforms including iOS and Android, it can be run from a single HTML file totally offline, without any Internet connection and does not send data outside the browser.

KeeWeb is based on KeePass which is open source and supports Windows and macOS with Mono.

KeeWeb desktop version on macOS

Electron is an open source, cross-platform framework for building native desktop apps based on web technology (JavaScript, HTML, CSS) using using Node.js and Chromium.

Mono is an open source, cross-platform implementation of the Microsoft .NET framework and C#.

KeeWeb has a slightly quirky UI but it's got most of the features I need:

  • password generator (with the exception of dictionary-based memorable-word passwords that 1Password generates).
  • folders, icons and tags, including getting web icons from web sites.
  • multiple databases files (vaults in 1Password parlance).
  • attachments.
  • cloud sync (Dropbox, WebDav, Google Drive, OneDrive) or any other method of manual sync (just copy the .kbdx files).
  • custom fields, though just pure text without any distinct types of fields.
  • version history.

But there is no print feature, no templates (e.g. common fields for credit cards, bank accounts, internet logins, etc.), no CSV export (only XML) and of course, no native iOS app.

Most disheartening of all, there isn't really an auto-login feature. What it can do is auto-type, i.e. press a hotkey combination to send keystrokes to the browser. This does not find the correct app, or username and password fields at all, instead it assumes the cursor is currently on the username field and just sends {USERNAME}{TAB}{PASSWORD}{ENTER}. But it works more generally, e.g. to login to a desktop app.

MiniKeePass for iOS

So, for iOS, enter MiniKeePass, which is free and compatible with the .kbdx files from KeePass 2.x and KeeWeb. It's also open source and supports Touch ID (by storing the passwords in your iOS device's Keychain).

But it does not support attachments, custom icons, and standard icons are also different. Plus the same issue with the password auto-type. To get custom fields, remember to create a 2.x database.

MiniKeePass for iOS

KeeWeb HTML Web App

The alternative is to directly use KeeWeb's single HTML file. You can host it on your own desktop, server or use the one provided by KeeWeb Online Web App... but even better, you can run it directly on iOS with no server and no WiFi / Internet required!

I use the excellent Documents by Readdle (iOS, free) as my file manager, so this is how I run the Web App version of KeeWeb on iOS:

  1. Start Documents, and open its in-built web browser.
  2. Go to KeeWeb and find the links to GitHub and read the part about self-holsting. Or just go to directly to the KeeWeb gh-pages branch
  3. Press Jump to the file > Desktop version click on index.html, long-press Download and select Download link
  4. I save it as "keeweb.html".
  5. Copy your .kbdx file to the same folder.
  6. Just click on the HTML file to run it, and then select Open.
  7. Choose to open the file in Documents, navigate to the .kbdx file.
  8. Select the password field, enter your password and press Return (not just Done)

Changes made aren't saved, so don't rely on this method this for daily use!

KeeWeb HTML Web App showing entriesKeeWeb HTML Web App entry

Conclusion

So, here is what I've realized using the combination of KeeWeb and MiniKeePass:

  • You can access your data on any platform today, and in the future as long as you have a HTML5 browser.
  • No data stored on external servers or in the cloud (unless you want to)
  • No need to worry about companies or web services being shut down or going bankrupt or experiencing data breaches.
  • Easily share your passwords (e.g. securely stored thumb drive) with next-of-kin to access in the case of emergency without needing your fingerprint or access to your phone (use a simple password, key file or no password).
  • FREE!

But:

  • It's not the most beautiful UI, nor does it have the best features.
  • Synchronizing files manually can be a pain and cause grief if a new file overwrites an old one.
  • MiniKeePass specifically is missing many features, and has not been updated significantly in over a year (check MiniKeePass on GitHub)
  • So, you'll have a different experience and have to juggle different quirks between KeeWeb, KeePass, and MiniKeePass.

Intellectually, I like the pros above but I've not fully converted over. One can hope, that with continued effort by the "community", this alternative / these alternatives will improve over time and become more viable.