KeePass is a popular, full-featured FLOSS password manager. Beyond passwords, you can also attach files to password entries (ex.: PGP signature files, sensitive spreadsheets, contracts, etc.), which is immensely useful. There are use cases which instead warrant folder encryption or even full-disk encryption, which is not handled by KeePass, but the keys to decrypt could be stored in KeePass.
It is not possible to have more than one password per database, thus, each project / team needs to share a KeePass database (a .kdbx file). Each user could manage their own database of passwords (with all the nifty integrations that are available). For Team passwords, we'll be investigating storage in the Tiki File gallery, protected by User Encryption. So the shared password to open the KeePass database could be entered by the sysadmin while the user is currently logged in (via a Jitsi remote desktop control session), but after that, the user accesses the data without ever knowing the KeePass password. The KeePass data will in some cases be shown to the user (to copy-paste somewhere) or to access external systems. For more sensitive contexts, we could even log who accessed what password when and even send an email notification with the Watch feature ("user jo.smith has accessed the password for system XYZ"). Down the road, we could add a mechanism to block a user to sequentially access all the passwords (like the throttling feature we have in Tiki forums).
- Some web-related plugins & add-ons
- Web / PHP access to KeePass data
- OTP or MFA
- Feature requests
- Related links
- Other FLOSS options
Some web-related plugins & add-ons
URL in task bar
chromeIPass & PassIFox
Web / PHP access to KeePass data
kpcli - A command line interface to KeePass database files
- Feature: keepass central management concept
- Easy way to transfer password entries between databases
- This is useful to make a project/team Keepass file and for users to easily move data there
- KeeAutoExec can be used to automatically open additional databases when opening a database.
OTP or MFA
- Export to Encrypted HTML
- Multi-user / Multi-access / DBMS
- References to other KeePass Databases
- Multiple User with access rights
- Tiki Suite Security