Philipp Hauer's Blog

Engineering Management, Java Ecosystem, Kotlin, Sociology of Software Development

KeePassXC Tips and Hidden Gems

Posted on Oct 31, 2022. Updated on Oct 31, 2022

I’ve been using KeePassXC as my password manager for many years now. Here are my tips and recommendations to get the most out of KeePassXC.

KeePassXC Tips and Hidden Gems

Auto-Fill

The Basics: Use Auto-Fill to let KeePass insert your username and password.

Auto-Fill Option A) Use the browser extension.

Install the browser extension and connect it via Settings > Browser Integration.

You have to specify an URL for each entry.

auto-fill browser extension

Auto-Fill Option B) Use the Auto-Type.

With Auto-Type, you don’t need a browser extension but you have to define a window title that KeePass can match.

  • Setup via Settings > General > Auto-Type -> Global Auto-Type shortcut. I use “Ctrl + Cmd + A”.
  • You have to specify a Window Association for each entry. The star is a wildcard to match the window title.

auto-type window associations

Entry Notes

I heavily use the entry notes for additional information. For instance, I place the numbers of my bank accounts, credit cards, tax, insurance, and contracts here.

entry notes

2-Factor-Authentication

KeePassXC can generate the token for a 2-Factor-Authentication. And the token can be auto-filled. You don’t need to grab the Smartphone and the Google Authenticator. You only need the secret key that is contained in the QR Code you usually scan with your smartphone.

Set up TOTP for a 2FA

Sensitive Files

You can store sensitive files (like ssh private keys) as attachments.

Edit Entry > Advanced > Attachments

Store SSH Keys in KeePassXC

Decryption Time

You can set the decryption time for opening the database after typing the password. This makes brute force attacks harder, especially when you sync your database via cloud services like Dropbox.

Database Settings > Security > Encryption Settings -> Decryption Time.

Set the decryption time

Entry Icons

Assign corresponding favicons to your entries to make them look nice.

  • Setup: Settings > Security -> Check Use DuckDuckGo service to download website icons
  • Apply: Cmd+A to mark all entries, right-click, Download Favicon (only works if an URL is specified in the entry) Add Icons to the entries

Quick Unlock

Quick Unlock is handy to avoid typing in the master password multiple times.

Application Settings > Security -> check Enable database quick unlock (Touch Id, Windows Hello)

Quick Unlock via Touch Id on Mac

Keepass2Android

The Keepass2Android app is excellent.

It supports retrieving the database directly from cloud services like Dropbox. So it ensures that everything is in sync.

Plus, you can also activate the unlock via fingerprint in the app.

It’s Free

Last but not least: KeePassXC is free. You get all features and can sync your database on as many devices as you want (given that your cloud service allows that :-) )

That’s it. I hope it was helpful to you. What is your favorite feature of KeePassXC?