Why the KeePass format should be based on SQLite
- #Password-Management
- #KeePass
- #SQLite
- KeePass's KDBX file format is based on XML, leading to inefficiencies and compatibility issues.
- Modern features like TOTP and passkeys are awkwardly implemented via custom attributes, causing fragmentation.
- The XML format results in storage inefficiencies, especially with custom icons and attachments bloating file sizes.
- Governance issues arise as KeePass's conservative approach clashes with the need for modern feature integration.
- SQLite with SQLCipher is proposed as a superior alternative, offering better schema flexibility, storage efficiency, and governance.
- SQLite enables delta syncs, reduces memory usage, and simplifies complex searches and merges.
- A democratic consortium is suggested for future format governance, moving away from a single maintainer model.
- Anticipated rebuttals include concerns over backwards compatibility, human readability, and SQLite dependency, all addressed in the text.
- A call to action urges KeePassXC and mobile developers to collaborate on a new, unified spec.