FYI, Keepass2Android has Oreo Autofill feature targeted for 1.04 release by January 1.
I can't speak to if that goal date is likely to be met, unfortunately.
I am using KeepassXC on my Arch system and it works really well with the Firefox plugin, that lets me use KeepassXC as my password manager. I have not used it on Android, but there is an app that can use the Keepass database called Keepass2Android on android.
Because Keepass is open source, and the file format as well, there are several apps for your phone. Keepass2android for example, which also has Dropbox integration to allow you to keep it in sync between various devices.
This link is about support for the beta release.
GitHub release notes date the official support to March: https://github.com/PhilippC/keepass2android/releases
But yes, seems to be around for already some months.
Yes, I was referring to apps compatible with KeePass DB format.
However, calling them forks is incorrect and belittles developers' work:
> a project fork happens when developers take a copy of source code from one software package and start independent development on it
The only app that I know to include KeePass2 code is Keepass2Android. KeePassXC is a fork of KeePassX, but KeePassX was created independently.
Case in point: Firefox was created 6 years before Chrome; both are open source; both can show HTML files. Can we call Chrome a Firefox fork? :)
You can use Yalp Store to access Google Play Store.
There are some good apps like KeePassDroid or Keepass2Android (not available on F-Droid but can be downloaded from GitHub)
I've had success syncing my KeePass db from Dropbox with Keepass2Android. I've also heard recommendations for iOS-only MiniKeePass. But think you'd need the Dropbox app installed also to sync changes whereas you can login to your Dropbox account through Keepass2Android. I've tried syncing my db from Dropbox to Google Drive on file changes with IFTTT but it wouldn't consistently work for me. So I manually back it up to Nextcloud for now. Haven't determined an automated way to do this though.
> I think it is driven by marketing, but also the idea of having access to something anywhere.
Personally, for me, anywhere just means on my phone and my PC. I think it is convenient enough to download my password database to those two places once every few years when I get a new device, or need to change a password. No need for the "cloud" which is just a word that means some guy's server who I don't trust.
There's also a KeepassXC-compatible app for Android at least called "Keepass2Android" and an always-offline version called "Keepass2Android Offline". Source code is here, fully open source: https://github.com/PhilippC/keepass2android
Why in God's name would you want your password decryption app connected to the internet? And why would you want to give your passwords AND the responsibility to decrypt them to some company? All of this "cloud" stuff concerns me, too many have bought into marketing.
It's not how it works with Keepass on Windows. However, it seems the Android app deliberately caches files, so that you can access them when you don't have internet access.
https://github.com/PhilippC/keepass2android/blob/master/docs/Documentation.md
It only creates a security vulnerability if an attacker knows your master password and has access to your device or can access your Android cache remotely. If you're concerned about this you can clear the cache manually.
> It's kinda weird that it's only available on Google Play though.
Yes and yes.
The official Keepass application is a .NET desktop app. However, since it's an open-source project and the file format isn't proprietary, there are compatible third-party apps that run as browser plugins and mobile apps.
I've used CKP and Keepass2Android.
It was very easy for me. Just export your LastPass data, create a KeePass container, configure its security settings to however you like (I highly recommend password AND key file), import the LastPass file. Copy the kdbx file to Dropbox and keep the key file offline at all times.
My mobile app of choice is https://github.com/PhilippC/keepass2android
And on my devices I use the official KeePass program.
https://github.com/PhilippC/keepass2android/issues/256
:-)
Again, explicit support. And looking in the source code, there are > 100 occurrences of the word "nextcloud" and even more of "owncloud", > 300 of "onedrive" and "dropbox", > 100 of "gdrive"
So... yet more proof that each app (I looked at markor before, now keepass2android) has to write explicit code to deal with cloud/sync tools
I would never have realised that keepass2android does this -- I use keepass2dx simply because it's the only one available on f-droid. It doesn't support anything like this, which I guess is their choice, since it seems to be a treadmill of some kind!
Try reporting it in [Keepass2Android issue tracker](https://github.com/PhilippC/keepass2android/issues), they are better equipped to help with app-specific issues.
I saw it too, but thought, as it is the same author as KeePass2android, which is often updated, that recent updates are about online issues....
Which is not the case: changelog...
>For the database password, you cannot use Face/Touch ID directly.
Sorry for being inaccurate. Exactly that's the password I meant, ok that's a pity. (I have a pretty long password, db is synced between many devices, with special chars, numbers,... -> on mobile a pain... + YK as 2FA)
I see face/touch id is just a boolean and cannot store the pw itself, but is there a possibility to store the database pwd in the Apple keystore and insert it on f/t ID unlock + ask for a 2nd factor? (like in this Android app)
I've already set it up with the yubikey, and it works flawlessly. But just using the master key with an infinite timeout for the database lock corrupts the idea of 2FA a bit. (Or maybe ask for the 2nd factor [if configured], when masterpassword is used) -> in case the face/finger gets "lost" ;) it's still not possible to open it.
I hope it is a bit clearer now :)
Thanks
> Keepass wasn't convenient enough.
What problems did you run into? I tried switching to Bitwarden myself, but I found it to be mostly a downgrade compared to Keepass's features. Both can be easily hosted with Nextcloud, and with the Keepass2Android app you can get the database synced to Android devices too.
Theoretically yes. That is why Keepass2Android has implemented its own keyboard, which is meant to work around this security hole.
https://www.privacytools.io/software/encryption-tools/ or a password manager.
Personally I'd choose KeePass with a separate database, as other people mentioned already, since saving your recovery codes/secret code in the same database as your password imo would defeat the purpose of "2 factor". The second on the list I think it'd be 7-Zip.
Cryptomator and PGP are nice too, only that the mobile apps for Cryptomator cost money and are closed source. For KeePass there are enough apps, I like Keepass2Android. With PGP I guess you can use something like OpenKeychain. Idk about 7-Zip tho.
Choose what suits you the best.
Keepass2Android supports face unlock, at least in beta, early November
After 6 weeks, I still way prefer fingerprint unlock though.
https://github.com/PhilippC/keepass2android/
"Keepass2Android is compatible with Keepass 1 and Keepass 2 on Windows and KeepassX on Linux."
OK for the Android side, but still no sync for the Desktop side of things..
Here I've used KeepassX -- and its latest changelog still has no mention of sync support. This explains why you are still required to manually copy the database one way or another.. but even doing so is not a good idea because this can lead to database corruption. -- cloning the database from desktop while the sync is occurring for Keepass2Android can potentially cause this corruption.
Enpass does auto-backups of its running database.. it has an integration suite from Desktop to Cellphone, the keepass projects don't have this full suite and only come halfway..
If there was an open project that actually does it, I would be glad to check it out..
Did you find the documentation? It says it is incomplete and preliminary, but maybe it already has the info that you are missing.
Hmm.. Thanks for the heads up!
I see that they were fixed in this PR, merged in July.
The last version for Keepass2Android Offline (Beta and Stable) seems to be v1.06g on February 9th 2019
On GitHub, the latest release seems to be 1.0.7-rc1, but only for the non-offline builds, and the release notes make no mention of that.
Found the open issue on GitHub: https://github.com/PhilippC/keepass2android/issues/747
So I guess I'll just keep using KeepassXC which I actually like better except that every time I reopen the app, I have to go through my file explorer and reselect the Keepass data file because it errors out when trying to read it when I close and reopen the app.
So you think that KeeChallenge/KeepassXC with its challenge-response HMAC implementation is more secure than HOTP? Or are they around the same level?
I did read that the author of Keepass2Android had a working beta version that can open and access KeepassXC databases with 2FA enabled through Yubikey. Maybe I'll give that a shot.
https://github.com/PhilippC/keepass2android/issues/4#issuecomment-401763890
Unfortunately, I don't think that option has been implemented (yet?). There is an open issue about it in the Github repo: https://github.com/PhilippC/keepass2android/issues/622
Again I haven't personally tried it, but I see from the Keepass2Android-Offline release changelog that it also added support for ykDroid.
KeePass2Android has an open request for Github - Support for Mega.
Speculation below:
I don't have experience with the MEGA app, so the following is a quick digest of issues in the tracker: Github - MEGA.
It does not appear that you can make files available offline and available for other applications (i.e. not outside of the private app data) Github - Issue 21. You would need to push/pull data if this is the case.
Android exposes a few APIs which allow for applications to monitor files. I don't have the time to dive into the code in any significant way, but I did see broadcast registrations for Login, Bluetooth, charges, boot, camera, and network changes. Presumably these could be the events which trigger sync'ing.
I don't use the mobile app that much (maybe 5 times a week, maximum), but for a regular user I can see why it could be annoying after a while. Even with the AutoFill Plug-in, it still seems to take some time.
I haven't looked too much into it, but there might be another Android application that suits your needs. I'll edit this message if I find anything.
Well yeah, depends who you trust of course and whether you maybe have some of your own infrastructure in place already.
Some Johnny Rando's KeePass Android app is open source and even has a variant without network permissions.
While I trust LP (and I used it in the past; even their paid service) they're still a for-profit company and they're nowhere as open or audited as KeePass (though I admit that the KP2A app hasn't been officially, independently audited as far as I know).
I have the same problem. It's because your school uses office 365 / onedrive for business. I found this post but I'm not sure there's any solution to be found there. I've only started using keepass recently myself, and would like a solution if one can be found
You can check their own comparison here.
Aside from a few details, I think it's all about what UI the person likes better. There are no huge differences between the two of them. Also, the features of KeepassDroid in the link I provided are slightly outdated, since some of them have already changed.