by snowwrestler 227 days ago
I feel like a lot of the comments here do not understand how KeePassXC actually works. It’s a client application that works with a standard encrypted file format. The file format is the basis for security, not the client application.

KeePassXC does not store any data. Nor does it receive connections from the Internet, like a server. Thus the risk is structurally lower than a commercial client-server application like LastPass or 1Password, which is actually in possession of your password data.

I use 1Password at work for its excellent collaboration features and good-enough security. For most people it replaces a post-it note or Excel file. It’s way better than those.

But for my passwords I use KeePass (the file format) and a variety of clients including KeePassXC. This statement about AI won’t change that, unless someone can give me a reason other than vague “AI bad” or “no vibe coding” like most comments so far.


I think a lot of folks end up copying their encrypted file to shared storage like Dropbox anyway. This doesn’t seem all that different from using 1pass.
I can see a few differences.

Pushing Keepass vault to cloud storage:

* No per-item synchronisation

* Full control over encryption of the database

* Choice of cloud storage to trust with vault

* Free as in beer if not using cloud (or using a free/already paid for offering)

1Password:

* Per-item sync and collaboration

* Full trust on the (closed-source) client apps over encryption of vault

* No choice of cloud

* No choice of encryption

* Mandatory paying subscription

Sorry but that is nonsense. "The file format is the basis for security, not the client application" is so wrong, any messing with the application is game over.

Hell, if you leave your computer unlocked, a rubber-ducky could replace your executable and middleman your master password.

There is actually very little we can do about local attackers, with or without AI. All we can do is mitigate.
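One concrete mitigation for the "replaced executable" scenario raised above is a file-integrity baseline for the password-manager client and its companion files. The example below is an added illustration written for this thread; it is not code from the HN commenters or from the KeePassXC project. File names, contents and the temporary directory are constructed for the demo, and the `demo()` helper that simulates a replaced binary and a deleted helper file is hypothetical.

```python
"""Added example: baseline-and-verify integrity check for a password-manager
client's files. Not from the thread or the KeePassXC project; all paths and
file contents below are constructed for demonstration."""
import hashlib
import json
import tempfile
from pathlib import Path
from typing import Dict, List, Tuple


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large binaries do not load into memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths: List[Path]) -> Dict[str, dict]:
    """Record SHA-256, size and permission bits for each file to be watched."""
    baseline: Dict[str, dict] = {}
    for p in paths:
        st = p.stat()
        baseline[str(p)] = {
            "sha256": sha256_of(p),
            "size": st.st_size,
            "mode": st.st_mode & 0o777,
        }
    return baseline


def verify(baseline: Dict[str, dict]) -> List[str]:
    """Compare the current files against the baseline.

    Returns a list of findings; an empty list means nothing changed.
    Each finding starts with a tag (MISSING, MODIFIED, MODE) and the path."""
    findings: List[str] = []
    for path_str, expected in baseline.items():
        p = Path(path_str)
        if not p.exists():
            findings.append(f"MISSING {path_str}")
            continue
        st = p.stat()
        actual = sha256_of(p)
        if actual != expected["sha256"]:
            findings.append(
                f"MODIFIED {path_str}: sha256 {expected['sha256'][:12]}.. "
                f"-> {actual[:12]}.. (size {expected['size']} -> {st.st_size})"
            )
        if (st.st_mode & 0o777) != expected["mode"]:
            findings.append(
                f"MODE {path_str}: {expected['mode']:o} -> {st.st_mode & 0o777:o}"
            )
    return findings


def save_baseline(baseline: Dict[str, dict], out: Path) -> None:
    """Serialise the baseline as JSON. Keep this file where the local attacker
    cannot write (removable media, a signed copy), or it can be updated along
    with the tampered binary."""
    out.write_text(json.dumps(baseline, indent=2, sort_keys=True))


def demo() -> Tuple[List[str], List[str]]:
    """Hypothetical walkthrough: baseline two constructed files, then simulate
    a swapped-out client binary and a removed helper file."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        client = root / "keepassxc-demo"          # constructed stand-in binary
        helper = root / "keepassxc-demo-helper"   # constructed companion file
        client.write_bytes(b"\x7fELF constructed client bytes v1")
        helper.write_bytes(b"constructed helper bytes")

        baseline = build_baseline([client, helper])
        save_baseline(baseline, root / "baseline.json")
        clean = verify(baseline)                  # expected: no findings

        # Simulated local tampering: replace the binary, remove the helper.
        client.write_bytes(b"\x7fELF constructed client bytes TROJANED")
        helper.unlink()
        tampered = verify(baseline)
        return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("clean run:", before)
    print("after tampering:", after)
```

The check only helps if it runs from a trust anchor the attacker does not control: the baseline file and the checker itself must live outside the writable path an unattended session exposes, which is the same structural point the comment makes about local attackers. The size and mode fields are cheap extra signals; the SHA-256 is what actually catches a replaced binary.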