Posted
about 2 months
ago
We’re thrilled to announce the release of KeePassXC version 2.7.7. This update brings several exciting features and enhancements that will improve your workflow and integration with modern authentication services. Let’s dive into the major
... [More]
highlights:
Passkeys Support
This release delivers the official implementation of Passkeys for KeePassXC! This feature is a year in the making and uses the existing browser integration service to both store and use Passkeys for authentication. A special thank you to Ortham for providing an extremely comprehensive standards, security, and privacy review of our implementation prior to release. If you haven’t heard of Passkeys yet, they are an alternative to passwords that are incredibly secure and privacy preserving. Read more about Passkeys and also read our documentation.
Passkeys Report
[Less]
|
Posted
8 months
ago
Today, we are releasing KeePassXC 2.7.6 with a few bug fixes and enhancements. This version fixes a crash on
macOS that occurred on exit. We also improved the visual display when dragging entries to move/copy, Quick Unlock
is now automatically
... [More]
activated when unlocking for Auto-Type or Browser access, and the Auto-Type button and shortcut
key will be disabled when Auto-Type is turned off for the entry or group.
New Drag/Drop Example
[Less]
|
Posted
10 months
ago
On June 19, 2023 an alleged KeePassXC vulnerability with the identifier CVE-2023–35866 was posted against KeePassXC versions up to 2.7.5. As the developers of KeePassXC, we do not consider the issue a vulnerability and have filed a request for the
... [More]
CVE to be rejected. Additional information can be found in the discussion on GitHub.
The root of the argument submitted by the CVE author is that an attacker with unfettered access to an already unlocked database could export or change the password without requiring the original credentials. Where this is true, there are numerous barriers to actually executing this attack sequence. In addition, having lost control of your computer in this manner would mean the attacker could execute any number of security compromises against your KeePassXC database, regardless of requiring credentials prior to export or credential change.
At this time, we are not planning any drastic changes to the program to address this submission. We are also monitoring the request to reject/dispute this CVE on the grounds it is not actually a vulnerability in our software. Information on mitigation and other factors is included after
the break. [Less]
|
Posted
12 months
ago
Today, we are releasing KeePassXC 2.7.5 with a bunch of bug fixes and performance improvements. This version fixes
three separate crashes that were found with the support of our active community members. Additionally, we fixed several
areas in the
... [More]
code that were causing significant slow downs when databases had more than a thousand entries.
This release brings several popular feature requests including a menu option to temporarily allow screen capture (Windows & macOS),
an improved layout to the HTML export, improved KeePassXC logos and icons, and increasing the max TOTP step to 24 hours.
Temporarily allow screen capture
[Less]
|
Posted
about 1 year
ago
An audit of KeePassXC has been on the wish list since we started this project over six years ago. Today we are happy to announce the release
of an audit conducted by Zaur Molotnikov, an independent security consultant, that was completed on January
... [More]
19, 2023 against KeePassXC 2.7.4.
This audit was conducted free of charge to the KeePassXC Team and the findings and writeup were reviewed for correctness.
Read the Audit Report [Less]
|
Posted
over 1 year
ago
Today, we are releasing KeePassXC 2.7.4, the fourth maintenance update for the 2.7 stable series.
The release fixes several issues that appeared in the previous release concerning the browser integration and the
entry preview panel, as well as a
... [More]
compatibility problem with macOS 13 Ventura. In addition, we also improved
Unicode support on Windows and added a two-month password expiration preset. [Less]
|
Posted
over 1 year
ago
Today, we are releasing KeePassXC 2.7.3, the third maintenance update for the 2.7 stable series.
This release introduces saved searches, enhanced tags support, improvements to the entry preview panel,
a db-edit command to the CLI, and corrects
... [More]
numerous bugs and crashes. We have also made several quality
of life improvements to the program such as tabbing around the interface and preventing focus locks. This
update also provides better handling of dark/light mode detection on macOS and Linux. [Less]
|
Posted
about 2 years
ago
Today, we are releasing KeePassXC 2.7.1, the first maintenance update for the 2.7 stable series.
The release fixes multiple issues with Auto-Type, performance problems with the legacy AES-KDF, and several other minor bugs. We also improved the entry
... [More]
preview panel layout and paved the way for first-class Flatpak support on Linux. Flatpak, thus far, has been a downstream third-party distribution, but with the new release, we upstreamed patches needed for building KeePassXC as a Flatpak, and it will eventually supersede Snap as our preferred Linux distribution channel. Our experience shows that Flatpak has been a more stable platform than Snap, which has had many deployment bugs over the years, so we decided to deprecate it in favour of Flatpak. If you are experiencing problems with the current Snap, we recommend you switch to one of our other two supported Linux packages or to Flatpak once we announce an official Flathub channel. [Less]
|
Posted
about 2 years
ago
Today, we are releasing KeePassXC 2.7.0. Closing 118 issues and merging in 149 pull requests, this
release is one of our biggest and most important yet! We have incorporated several significant improvements
including:
Entry tagging
Quick unlock
... [More]
using Windows Hello and macOS Touch ID
Massive overhaul of Auto-Type
Improvements to attachment handling
Improvements to Secret Service integration (Linux)
Migration of the crypto backend from libgcrypt to Botan
Much, much more…
[Less]
|
Posted
almost 3 years
ago
Today we are releasing the sixth 2.6 maintenance updates, KeePassXC 2.6.6. This release quickly corrects a
couple of bugs found in 2.6.5.
|