# KeePassXC

> Source: https://fuckyc.org/services/keepassxc/
> Website: https://keepassxc.org/
> Categories: Password managers
> KYC: none — Local-first password manager. No accounts, no cloud component. Your vault is a file you manage.
> Status: active
> Jurisdiction: independent open source
> Fiat on-ramp: no
> Payment methods: donation
> Founded: 2016
> Open source: yes
> Custodial: no
> Last verified: 2026-05-12

## Verdict

KeePassXC is the local-first password manager — the vault never leaves your devices unless you explicitly sync it. No accounts to subpoena, no operator to compromise, no opt-in telemetry. The trade-off is that backup and sync are operator-you. For users who want the strongest threat-model posture in a password manager, this is the reference.

## Strengths

- Pure-local vault — no third-party operator can be subpoenaed for your passwords.
- KDBX format is open and interoperable with KeePass / KeePassDX (Android).
- Browser integration via the KeePassXC-Browser extension; no telemetry by default.
- Reproducible builds and reviewed cryptography (AES-256, Argon2id KDF).

## Caveats

- You handle backup and sync — Syncthing, Nextcloud, or a USB drive. There is no Apple/Google account doing it for you.
- Mobile clients are separate projects (KeePassDX on Android, KeePassium / Strongbox on iOS).
- A lost master password is a lost vault — no recovery.

---

## What KeePassXC is

A desktop password manager storing your vault as a local file in the KDBX format, with browser integration and reproducible builds.

## Threat-model fit

When "no third-party operator with access to my passwords" is the binding requirement.

## Sources

- [KeePassXC documentation](https://keepassxc.org/docs/) — accessed 2026-05-12
- [KeePassXC source](https://github.com/keepassxreboot/keepassxc) — accessed 2026-05-12