Motivation
A bachelor student of mine looked into password managers. We only looked at free/libro open source software (FLOSS) password managers since we wanted to interface them. As a result, we collected a list of password managers and their metadata. In particular, I listed where the password manager stored its passwords.
The table
Based on Wikipedia: List of password managers.
| Password manager | initial release | license | data storage | user interface |
|---|---|---|---|---|
2016 |
AGPL-3.0-only (server) GPL-3.0-only (client) |
Encrypted JSON |
GUI or web |
|
2018 |
GPL-2.0-or-later |
Custom binary format (keyring) |
GUI |
|
2003 |
GPL-2.0-or-later |
KDBX 4 |
GUI |
|
2013 |
GPL-2.0-only or GPL-3.0-only |
KDBX 2 |
GUI |
|
2017 |
GPL-2.0-only or GPL-3.0-only |
KDBX 4 |
GUI |
|
2015 |
MIT |
KDBX 4 |
web |
|
1999 |
APSL-2.0 |
Custom binary format (keychain) |
GUI |
|
2014 |
LGPL |
Custom binary format (kwl) |
GUI |
|
2012 |
GPL-2.0-or-later |
GnuPG encrypted files |
CLI |
|
2002 |
Artistic-2.0 |
Custom binary file (pwsafe V4) |
GUI |
Seahorse is only a GUI frontend for (e.g.) GNOME Keyring and not a password manager on its own.
Conclusion
KDBX is the most established file format among FLOSS password managers. It does not surprise since it is very versatile (allows to add arbitrary attributes) and avoids unpopular infrastructure like GnuPG.