* The screenshots are from 2003 era software (XP & Mac OS X 10.3)
* The requirements page says "Qt Library >= 4.3". Does that come with Windows?
* The downloads page doesn't specify if it work on Windows 8 or newer, or Yosemite / El Capitan for Mac.
* The website appears to be running an outdated and exploitable version of Wordpress, and is broadcasting its version number in the site source code.
And an actual quote from their support forums:
"I've got to say this is the deadest forum I have ever joined. There's so little help here that I'll advise anyone who can't figure things out for themselves to pay-to-play one of the bigger, commercial password managers. I'm done here - I don't see any reason to return."
This is common to a lot of open source projects. A product is not just the code, it's about usability, building trust, educating users, explaining things in a way they understand, and providing timely & friendly & helpful customer support. Code is barely 10% of a product. People pay for software because they want a job done well, and they don't want to spend more time than necessary on it.
Yea, the general public would not use it. But from the HN standpoint, I think it is a good open source alternative. They are working on version 2.0 and the git repo is reasonably active. (https://github.com/keepassx/keepassx/commits/master)
If by people you mean "Hacker News crowd", I don't know.
If by people you mean "people in general", just look at their respective website. The answer is rather obvious.
I contemplated over which password manager to use before deciding on 1Password simply because of its simplicity and usability. I try to be as aware of my privacy and security as possible and even though I was aware of this leak beforehand, I went with 1Password anyway.
"Hacker News crowd" (to be clear, I'm not using this in a derogatory way) usually think about security in terms of how things work technically, but practicality is just as important. If some piece of software is secure but not usable, that doesn't do any good to the user.
KeePassX is plain ugly, has a terrible website that doesn't give any confidence and scares the user by giving them technical details right out of the gate (check their website). I get that it's open source, it's free, probably more secure than 1Password and they most likely don't have enough income to hire as talented designers as AgileBits already employ, but that just doesn't matter to the user.
You just slandered a security product based on nothing.
That wouldn't be a problem if you didn't have a bunch of followers who believe every word you say. But you do, because your analyses are usually decent quality.
Why would I be hoping to generate drama? Your behavior is very confusing.
I was disappointed that you had something to say about that password vault, and then didn't say it. You opted for this weird gray area of "I have more than a hunch it's less secure than 1Password." Huh?
Maybe you have nothing to say. It's really strange to see you drop to hunches from substance.
One of the best pieces of advice I found on HN was when someone told me to unplug. It helped me a lot. When you start to see everyone as a troll, it might be time to step back a bit.
Yes, I was talking about the HN crowd. I've been using KeepassX for a while now without (m)any usability issues. It's far from perfect, but I believe it is secure (based on the source code), and it works for me, usability-wise.
Nope but KeePassX has an advertising budget of ~$0 so people don't know about it. It is hard enough persuading people to use a password manager already.
