Can I trust KeePassium?

When your passwords are at stake, don’t trust promises — they are just words. Instead, look at the verifiable signals.

It has a clear business model

Stealing passwords is a poor business idea. Just like any other illegal high-risk activity, it would eventually be exposed and result in jail time.

In contrast, selling a good app is a safe, legal and reliable business model that builds reputation.

Since the first release in 2019, we don’t sell user data — we sell the app.

It works offline

By design, KeePassium never “phones home” for any reason. You can check this using the iOS App Privacy Report feature:

iOS App Privacy Report for KeePassium
iOS App Privacy Report for KeePassium
In-app purchases

The freemium version of KeePassium can communicate with the App Store servers, in order to manage in-app purchases. KeePassium Pro does not have in-app purchases, so it does not communicate with the App Store.

One may wonder: how come KeePassium offers cloud sync, but never asks for my Dropbox/OneDrive/NextCloud account details? This is because KeePassium delegates synchronization to the original cloud provider apps. This way, KeePassium itself can remain offline.

That said, the app does offer a few network-dependent features. However, they are disabled by default and KeePassium won’t use them without your permission.

Network access setting
Network access setting

It is open source

Finally, for the maximal assurance, you can directly verify the app:

  1. Download KeePassium source code
  2. Audit it (or hire someone you trust)
  3. Build your own app
  4. Rely on it

(If you go this way, please consider buying premium to support the development.)