KeeWeb: Unofficial KeePass web and desktop client

  • Do not generate passwords with it, it uses insecure Math.random:

    https://github.com/antelle/kdbxweb/blob/906e927d3e3384db4dd3...

    https://github.com/antelle/keeweb/blob/master/app/scripts/ut...

    (in meme form: https://imgur.com/FcZNflQ)

    Filed issue: https://github.com/antelle/kdbxweb/issues/5

    (embarrassing/funny: it was me who wrote the Salsa20 "user-space" generator used here (https://github.com/antelle/kdbxweb/blob/906e927d3e3384db4dd3...), but it should be properly seeded from a secure random number source to be secure. Added this note to the gist where the author found it: https://gist.github.com/dchest/4582374#file-salsa20-js-L1-L1...)
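
The point of the comment above, as an added example that is not part of the thread and is not KeeWeb or kdbxweb code: password characters drawn from the platform CSPRNG (`crypto.getRandomValues`) with rejection sampling, instead of `Math.random`. The function names `secureRandomInt`, `generatePassword` and `entropyBits` are hypothetical.

```javascript
// Added example. Uses the Web Crypto CSPRNG; in older Node versions the
// global is absent, so fall back to node:crypto's webcrypto (assumption:
// CommonJS context when the fallback is needed).
const rng = globalThis.crypto ??
  (typeof require === "function" ? require("node:crypto").webcrypto : null);

// Uniform integer in [0, n) from the CSPRNG. Values at or above the largest
// multiple of n below 2^32 are rejected, so "% n" introduces no modulo bias.
function secureRandomInt(n) {
  if (!Number.isInteger(n) || n < 1 || n > 0x100000000) {
    throw new RangeError("n must be an integer in 1..2^32");
  }
  const limit = Math.floor(0x100000000 / n) * n;
  const buf = new Uint32Array(1);
  for (;;) {
    rng.getRandomValues(buf);
    if (buf[0] < limit) return buf[0] % n;
  }
}

// Build a password by picking each symbol independently and uniformly.
function generatePassword(length, charset) {
  if (!Number.isInteger(length) || length < 1) {
    throw new RangeError("length must be a positive integer");
  }
  // Deduplicate so a repeated symbol in charset is not twice as likely.
  const chars = Array.from(new Set(charset));
  if (chars.length < 2) {
    throw new RangeError("charset needs at least 2 distinct symbols");
  }
  let out = "";
  for (let i = 0; i < length; i++) out += chars[secureRandomInt(chars.length)];
  return out;
}

// Entropy of such a password in bits: length * log2(distinct symbols).
function entropyBits(length, charset) {
  return length * Math.log2(new Set(charset).size);
}

// Constructed sample alphabet for the demo.
const ALNUM = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
console.log(generatePassword(20, ALNUM), entropyBits(20, ALNUM).toFixed(1), "bits");
```

The same rule applies to a user-space stream generator such as the Salsa20 one mentioned above: its key and nonce have to come from `getRandomValues`, not from `Math.random`.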

  • This is awesome. People are obviously going to give you a hard time about security and your implementation of the important parts of the software, but that's the advantage of open source!

    Edit: I am a daily user of KeePassX and get really tired of the UI after a while so I will definitely be trying this out ASAP!

  • Check out pass for those wanting a solution in line with the Unix way:

    https://www.passwordstore.org/

  • The reference implementation's domain is vulnerable to MITM attacks between KeeWeb and CloudFlare until they set their CloudFlare crypto settings to "strict" and get some real certificates of their own (e.g. Let's Encrypt).

    I submitted an issue here: https://github.com/antelle/keeweb/issues/111

    Of course exploiting this would be very difficult, but it is possible to MITM the connection between the CloudFlare proxy and GitHub pages as long as keeweb.info continues to not use DNSSEC.

  • I always get confused with KeePass, KeePass2 and KeePassX...

    I use KeePassX on OS X. Will I be able to use this one with my database file?

  • This looks awesome. My only gripes with KeePass are the confusion between KeePass,2,X etc; get it together guys. Also there is a serious lack of good browser extensions. There only seems to be one offering and it's the clunkiest thing I have ever used. -- That said, as soon as the second problem is addressed, I'll be switching as soon as possible. I'd love to move off my proprietary solution to an open one.

  • How does it handle multiple users/computers trying to write to a database on dropbox?

  • That's pretty nice. I'm going to look into packaging it for myself for FirefoxOS. My only issue with it right now is aesthetic: the top item (search box on the main page, "< back to list" in entries, etc) scrolls off the top of the screen, leaving that much blank white space at the bottom of the screen. I'm on a ZTE Open C running the nightly version of FxOS from http://builds.firefoxos.mozfr.org/doc/en/devices/zte-open-c-...

  • The notes field should be a multiline text field. This is mandatory since some data needs more explanation than just a password.

  • Does there exist an enterprise-grade server/web UI solution based on a KeePass DB? We are looking for an enterprise password manager solution that does not need all the LDAP/AD integration bells/whistles (although we may explore LDAP integration with the tool in the future). So I was thinking why not just use KeePass. And by enterprise grade I guess I really mean it needs to be a multi-user solution, but everyone would be working from the same pw db.

  • This is great. My weekend project this weekend was to move to KeePassX, but it's not very usable. This UI is great!

  • The title should probably be "KeeWeb - a KeePass Web and desktop client" to be clear that this is not the official KeePass client. I was briefly concerned because I generated many passwords with KeePass, but this post is about a different piece of software.

  • Just built this, looks good so far. Being a totally blind back-end developer, I've wanted to look at web accessibility. While the app is accessible, I think it could be made better, so hopefully I can use this as a way to learn.

  • Excellent work! Clean, beautiful and works out of the box.

    Is there any way to have a system-wide shortcut to auto-enter passwords? In KeePassX it's called "Global Auto Type Shortcut". I just can't live without this ;)

  • Would it be possible to connect this to WebDav (i.e. Own cloud)?

  • Looks awesome! I've been using 1Password; are there any big advantages that KeePass has over it?

  • I've been waiting / hoping someone would build this! Thanks!