KPass

KPass

is the best KeePass password manager for Android.

It supports reading and modification of KDBX 3 and 4 files.

We have reached the time when a password can be the main value, more expensive than money, gold and brilliants. Let's say the password for a bank account gives you access to all the money at once, YouTube password — access to all subscribers eyes, and password for a cloud service is key to your private docs.

Top advice: generate good complex passwords and change them from time to time.

KPass offers secure storage for your passwords, addresses, bank card details, private notes and syncs them across all your devices – giving you faster access to your online accounts, apps and important information.

FAQ.

Q: Why KPass autofill doesn't work in Chrome (Edge, Opera, something else)?

A: KPass uses standard Android autofill framework interface. It allows all applications supporting this system framework support KPass autofill service automatically. Unfortunately, Google Chrome and all Chromium-based browsers forces users to use embedded password manager. To switch to KPass autofill service please follow corresponding browser documentation. For Google Chrome — https://developers.googleblog.com/en/chrome-3p-autofill-services.

Q: Why database is successfully opened while I used unregistered finger to authenticate?

A: Because you entered correct credentials (password and key file). Your database is protected by secret key. Biometric sensor is used to save and restore this key. So if your biometric authentication was failed, but you entered correct credentials, database will be opened, but secret key will not be saved. We doesn't see any security issue in such use case.

Q: How can I make sure KPass does not steal my passwords or other information?

A: KPass does not collect, store or send any user data. You can check it in application permissions section. KPass does not request network and storage access. Instead, it uses Storage Access Framework – modern and secure native Android way to get data from content providers such as file system, cloud services (Google Drive, Dropbox e.t.c.), FTP-clients or anything else. So, it is impossible for KPass to steal any password or send an analytics.

Q: Why KPass is not open source? How can I make sure it is secure enough?

A: KPass user interface is closed-source and intellectual property of product owner. This is main value of the application. UI side does not contain any secure-sensitive part of code. Engine is powered by open-source project

gokeepasslib – https://github.com/tobischo/gokeepasslib.