KeePass 1.24 released

KeePass 1.24 has been released today!

You can get it here: Download KeePass 1.24.

This is a stable release. It is recommended to upgrade from any previous 1.x version to 1.24. KeePass 1.24 is 100% backward compatible with previous versions.

If you are using KeePass together with a port of KeePass and the port has problems with opening database files saved by KeePass 1.24, please read the page KeePass 1.24 and 2.20 Header Authentication.

Hash sums and OpenPGP signatures for integrity checking are available. New translations are available, too.

For a comparison of the current KeePass 1.24 and 2.19, see: Editions Comparison.

If you like KeePass, please don't forget to donate.

Changes from 1.23 to 1.24:

New Features:

• Header data in KDB files is now authenticated (to prevent silent data removal attacks; thanks to P. Gasti and K. B. Rasmussen).
• The content part of a KDB file now contains 32 random bytes (generated each time the file is saved, by a cryptographically secure pseudo-random number generator using system entropy) to prevent content guessing attacks using the content hash.
• When closing the entry editing dialog by closing the window (using [X], Esc, ...) and there are unsaved changes, KeePass now asks whether to save or discard the changes; only when explicitly clicking the 'Cancel' button, KeePass doesn't prompt.
• Added '-pw-stdin' command line option to make KeePass read the master password from the StdIn stream.

Improvements:

• Improved update check.
• Upgraded and improved installer (now uses Unicode, LZMA2 compression, ...).
• Upgraded to Boost libraries version 1.51.0.
• Various code optimizations.
• Minor other improvements.

Bugfixes:

• (None).