New browser plugins for KeePass

Almost three years ago I wrote a post about setting up a browser plugin for KeePass.  That plugin was chromeIPass and it worked pretty darn well.

Now fast-forward to a few months ago.  My wife's laptop broke down and I had to re-install Windows on it.  In the process, I tried to set up chromeIPass and discovered that it's dead!  Well, mostly dead, anyway.  It's open-source, and the source is still available, but it's no longer available in the Chrome app store.  So it's effectively dead.

So I started looking for alternatives.  The good news is that there's a fork of chromeIPass called KeePassHTTP-Connector. That still exists in the Chrome store.  However, it's also been discontinued!  Apparently it's deprecated in favor of KeePassXC-Browser which is a similar plugin for KeePassXC.  Apparently KeePassXC is a cross-platform re-implementation of KeePass.  I'm not sure why that's needed, since KeePass is written in C# and runs under Mono, and .NET core is now cross-platform anyway, but whatever.  The one nice thing about that browser plugin is that it uses a KeePassNatMsg plugin to communicate with KeePass.  Apparently that's more secure because it doesn't involve talking over HTTP.  But apparently it doesn't work correctly with "real" KeePass.  At least, it didn't for me - the plugin segfaulted when I tried to configure it.

Luckily, I did find a currently supported plugin that actually seems fairly good - Kee.  This is actually intended for a separate password manager, also called Kee, which I gather is some kind of paid service based on KeePass.  (Or something.  To be honest, I didn't really look into it - I only cared about the browser plugin.)  The Kee plugin is based on the old KeeFox plugin for Firefox, but this one also runs in Chrome.  It uses the KeePassRPC plugin for communication with KeePass.

If you used KeeFox in the past, this plugin is equally painless to use and configure.  Just install the KeePassRPC plugin, fire up KeePass, and install the browser plugin.  Kee will automatically attempt to connect to the RPC server and KeePass will prompt you to authorize the connection by bringing up a window with an authorization code.  Just enter that code into the window that Kee opens and click "connect".  Done!  Now when you visit a site that's in your KeePass database, Kee will put icons you can click in the login boxes and auto-populate the login form.  (The auto-population can be turned off - the convenience of that functionality is fantastic, but the security is iffy.)

So at least there's still a good, supported KeePass browser plugin out there.  I suppose this is one of the pitfalls of "roll your own" systems based on open-source software.  Since KeePass doesn't bundle a browser plugin, like many of the proprietary password managers do, we're forced to rely on the community, which can be both good and bad.  The bad comes when the "community" is basically one guy who eventually loses interest.  And while it's great that the source is there for anyone to pick up, it's important to recognize that adopting a new software project requires a substantial time commitment.  Free software is free as in "free puppy", not "free beer".

You can reply to this entry by leaving a comment below. This entry accepts Pingbacks from other blogs. You can follow comments on this entry by subscribing to the RSS feed.

Add your comments #

A comment body is required. No HTML code allowed. URLs starting with http:// or ftp:// will be automatically converted to hyperlinks.