- Apr 24, 2016
KeePassXC is a popular password manager for Windows, Mac and Linux that uses the KDBX file format from the password manager KeePass.
The developers of KeePassXC have published the results of a security audit on their website yesterday. The audit was conducted by Zaur Molotnikov, who is a Munich-based software engineer. Molotnikov's CV is listed on his website.
The audit was conducted free of charge, and while there is some rumbling about potential conflicts of interests on Hacker News, it is irrelevant for the purpose of the article that you are reading now.
Interested users may check out the full audit report here. The author makes several suggestions to the KeePassXC development team and also to users of the application. A core suggestion is to make sure that the latest database format is being used.
KeePassXC users may verify the database file format that the password manager uses and upgrade it, if an older, less secure version is still used.