When comparing KeePass vs Bitwarden, the Slant community recommends Bitwarden for most people. In the question“What is the best cross-platform password manager?” Bitwarden is ranked 2nd while KeePass is ranked 4th. The most important reason people chose Bitwarden is:
Bitwarden is open source and can therefore easily be reviewed and checked for security. Its Github repository is accessible [here](https://github.com/bitwarden).
Specs
Ranked in these QuestionsQuestion Ranking
Pros
Pro Free and open source
KeePass being open source means that a number of people have reviewed the code and found it to be secure.
Pro Cross-platform desktop and mobile
Available for Windows, with unofficial ports for Linux, macOS, Android, and iOS.
Pro Reliable
KeePass is consistent and stable across all clients including merging conflicts between desktop and mobile apps.
Pro Powerful built-in password generator
Password generator can be adjusted to use or exclude certain characters, patterns, external algorithms and principles.
Pro Autofills passwords securely
KeePass uses a feature called AutoType that pastes passwords in browser window using a combination of virtual keystrokes and clipboard obfuscation for added security against keyloggers.
Pro Does not depend on the cloud
Unlike many other password management tools, by default the KeePass encrypted database is not stored in the cloud, but strictly locally, for added security.
Pro Can be used as a portable application
Works as a portable application that does not need to be installed and can be carried around in an external device.
Pro Extremely powerful encryption algorithm
KeePass uses AES-256 encryption for passwords which is practically unbreakable.
Pro Extensive plugin and extension support
Keepass offers a range of plugins and extensions in different categories: Integration & Transfer, Automation & Scripting, Cryptography & Key Providers, and others.
Pro Multifactor authentication
Keepass offers a combination of master password, key file and user account verification.
Pro Allows storage of attachments such as pictures, documents and all kinds of files in general
Appending attachments to individual credential entries allows things like scanning important documents (for instance a scanned document containing the login information for your internet connection), appending them to the corresponding credential entry and afterwards destroying the original paper copy.
Pro Offers multiple sync options
Since the database is stored locally it can be synced across devices using a cloud storage service like Dropbox, Google Drive or via a file sync tool like BitTorrent Sync. KeePass v2 also provides a powerful built-in synchronization mechanism that allows setting appropriate level of sync, kind of sync, and choosing between a number of sync sources (Dropbox, Drive, etc).
Pro Regular updates
On average a new point release is available every 3 months.
Pro Due to the open source nature, there are numerous apps for Android available that support KeePass
Offers large variety of apps with different features and user interfaces vastly increasing the user base by catering to almost every taste.
Pro Intuitive categorization options and search for managing entries
Entries can be categorized in folders and subfolders and quickly found using search.
Pro Built-in history that tracks changes to individual credential entries
With the built-in history you can lookup previous passwords, track changes in general and if necessary recover those. In essence you are looking at a built-in Version Control System (VCS) which operates on single entries. Browsing the history of specific entries also displays associated metadata like the date of a change.
Pro Allows useful scripting via KPScript plugin
KeePass can set global hotkeys to fill in credentials while on a sites log-in screen. Scripting can launch a site or other application and perform any necessary log-on steps securely. It requires the KPScript plugin.
Pro 100% Free
No paid version. Free for everyone.
Pro Various iOS clients available
e.g. KeePass Touch, MiniKeePass.
Pro Customizable password records
Users may define any extra fields (eg. "Surname", "Credit Card No", "Start Date", "Expiry Date" and "Security No") and their values may then be easily copy-and-pasted when required. This is a great feature not found in a lot of password-managers: they leave you to consign such additional information to the "Notes" section.
Pro Clear, concise user interface
This app has the easiest, cleanest, and clearest user interface. For reference, LastPass has progressively gotten worse and worse and is now a confusing mess, while Keepass remains very user-friendly.
Pro Works inside Android apps
There are variations in support of features, so this is dependent on the Android app being used. Keepass2Android is one that has built-in synchronization over ssh and other protocols, fingerprint support and plugins are also supported to a certain extent.
Pro Recommended by a number of European governments and the EU
KeePass is recommended by the German Federal Office for Information Security, the European Commission’s Free and Open Source Software Auditing (EU-FOSSA) project, and the French Network and Information Security Agency.
Pro Support in iOS Safari browser
Difficult passwords are mostly a PITA on a mobile keyboard.
Pro Blackberry support
Keepass has an available Blackberry app that not only makes it easy to use on the go, but will work with any files backed up in the cloud for ease of access to stored passwords used on different machines.
Pro Open source
Bitwarden is open source and can therefore easily be reviewed and checked for security. Its Github repository is accessible here.
Pro Free
It is easy to start as the majority of features are on the free version.
Pro Cross-platform syncronisation
Automatically synchronises across various devices and platforms. Passwords get fully encrypted locally before leaving the computer.
Pro Clean interface with no ads
No ads, no tracking.
Pro Native mobile apps for iOS and Android
Pro Many browser plugins
There are plugins for Firefox, Chrome, Safari, Opera, Edge, Vivaldi and Tor Browser.
Pro Strong, easy to use built-in password genarator
No need to think of individual passwords. This can be easily accomplished with an easy to use built-in password manager.
Pro Extremely strong encryption algorithm
End-to-end AES-256 bit encryption, salted hashing, and PBKDF2 SHA-256.
Pro Two-step authentication
Offers 2FA with Authy, Google Authenticator or via email.
Additionally, the Pro Version has Duo Security with Duo Push, SMS, phone call, and U2F security keys: YubiKey (any 4 series device or YubiKey NEO) and FIDO U2F (any FIDO U2F certified key).
Pro Web vault
Possibility to manage passwords without installing the app or the browser plugin.
Pro Supports multi-logins on one site
You can store multiple logins on the same website.
Pro Multifactor authentication
Pro Secure notes
Very easy to add personal notes.
Pro Command line interface
You could retrieve passwords in the scripts.
Pro Auto-fill remembers last user
When a site has multiple credentials (like I have for some brokers and banks), then the most recently used is automatically populated (if auto-fill is opted). This feature is unique (to my knowledge) and spectacular (especially for sites that log you off frequently and re-logging in is required).
Pro Digital unlock works fairly well
Android app is a little slow and buggy, but it works well and has been improving.
Pro Self-host your own server
Host your own server via Docker for small installations or by package for multiple servers.
Pro Almost complete free version
The features included in the free version are totally sufficient for most personal uses. No limitation of devices synching.
Pro Dark theme
Pro Easy to use
Pro Use hardware based biometrics to unlock Bitwarden
You can use Windows Hello or Apple's TouchID on PC to unlock desktop applications and browser extention.
Pro Nested folders
Folders can be created within folders.
Pro Regular expressions can be used in URIs
It can also be used for sites where the domain changes frequently.
Pro Easy import/export
Just copy CSV text.
Pro Save data on the web
Save data on the web.
Pro Enterprise ready
Using enterprise subscribtions you can share password entries among your colleagues via 'collections' or with other companies that are connected to yours. You decide if it's your personal entry or a companies.
Pro Auto-fill by specifying the form with the selector of css
Auto-fill by specifying the form with the selector of css.
Cons
Con Not particularly modern UI
Difficult to use for new users. Small font.
Con No good cross platform syncing ability
E.g. between Windows and mobile.
Con Officially supported only on Windows, Mono or Wine
While there are ports available for Linux, OSX, iOS, Windows Phone and Android, the only officially supported version of KeePass 2 is on Windows and all platforms running Mono like Linux, Mac OS X, BSD. KeePass 1 is supported on Windows and Wine.
Con Outdated website
Extremely outdated website, which deters news users.
Con iOS support for syncing (not true -> KeePass Touch)
KeePass Touch supports a whole range of cloud sync options.
iOS clients still have somewhat limited syncing options for password files - such as DropBox.
Con Balkanized app ecosystem
There are a lot of different KeePass apps made by different people depending on your platform, e.g. Firefox, iOS, etc. Quality can be inconsistent and you need to trust each different set of authors.
Con No true multi-user and logging
Does not support multiple logins (different credentials) to database.
Con Password generator only uses 8 special characters !@#$%^&*
Whereas a desktop keyboard has 30+ special characters. This greatly reduces the possible passwords that can be generated.
Con Unable to remove duplicates
If you import more than one times, it will store its duplicates and there is no duplicate remover on these apps.
Con Passwords cards can be tricky for newbies
The fields can be difficult to understand for newbies. For example, some login pages can add a field for the password name differently at the same time as the password's field will contain a password. When changing the password, they sometime end corresponding and can give headaches to some users.
Con Cloud-based
You're storing your passwords on servers and you have to trust them.
Con Cannot update data while offline
Requires Internet connection.
Con Saving new credentials isn't as easy as it should be
When registering on a new site, Bitwarden pops up a button to ask if you'd like to save credentials (as most equivalent products do). But the button disappears VERY quickly, so often requires manual entry of passwords
Con Input of new login needs a 'signed-up with e-mail = 'example@wherever.org' functionality
Often sites won't be able to reset your password if the corresponding e-mail used in sign-up is unknown.
Con Lack of communication between instance opened in one session
If you use the client's desktop's app, multiple browsers extensions; they all work almost totally independently. Using more RAM as database is opened each time and asking for login more often. Some other passwords managers use desktop's client to open the database and extensions communicate with it in this case. If there's no desktop's, they'll work as standalone extensions.
Con The autofill sucks
The autofill is tedious - many clicks/taps required to trigger it. It doesn't help that the extension is slow to open.
Con Cannot store images of ID card, etc
Attachments available in premium.
Con Web browser extension doesn't recognise login required
User has to scroll/search for web site login details as it is not found automatically.