Custom Search

Free Password Manager KeePass - a feature rich, free, very secure, and easy-to-use

Inside This Article
1Introduce Free Password Manager - KeePass
2. Beef up your security with a key file
3How to back up KeePass
4Use KeeForm to log into a secure website automatically
5Use Auto-Type to log in a web page automatically
6Use On-Screen Keyboard with KeePass
7Open URLs in different web browsers
8How to use KeePass in a more secure way

Beef up your security with a key file

KeePass is one of my favorite free software. It's free, open source, and very secure. My hat off to Dominik Reichl.

There are three ways to log into the KeePass application. In technical terms, it is called unlock the password database.

  • Use master password.
  • Use key-file.
  • Use master password and a key-file.

Key-file can be used as an add-on protection for your KeePass database.

To open KeePass, you normally only need a master password. This becomes quite vulnerable if you take KeePass with you and use it in a non-trusted environment such as Internet Cafe. You never know if those computers have keyloggers or other types of spyware programs running in the dark. No matter how complex your master password is, you expose yourself to the possibility of losing your master password and KeePass database file.

This is where key-file comes into play. If someone steals your master password and password database, the database is still secure because the attacker also needs to steal your key-file to be able to unlock KeePass.

You normally store your key-file somewhere on your PC, or removable disk such as thumb drive. Key-file can be any existing file or KeePass can create one for you.

My master password is a random string of characters that contains upper and lower case alphanumeric characters as well as other keyboard characters. I save this password in a text file and mix it with other random generated text. I also memorize it.

Never lose your master password and your key-file I want to repeat this and I will repeat it whenever I can. There is no backdoor to KeePass that can be explored to recover your master password and key-file. Security may backfire and cause you more trouble.

How to create key-files and key-disks for KeePass KeePass allows you to lock your password database by using master password and/or key-file. When you create a new password database, KeePass optionally asks you to select a password disk drive (ie. key-disk). Therefore, it is important to understand the differences between a key-file and a key-disk as well as how to create them.

The word key, keyfile, key-file can be used interchangeably.


KeePass password database can be locked using a key-disk. A 'key-disk' is just a normal disk which holds a key-file with password bytes. Note that KeePass can generate key-disk for you.


A keyfile is a file stored on key-disk. If you let KeePass generate the key-file for you, the default file name is pwsafe.key which is placed on the disk you specify when setting the master password and/or key-disk drive. You can also create a key-file manually or select any of your existing files as key-file. Even an image file can be used as your key-file.

Note: When you just select a disk drive, KeePass assumes that it should load the 'pwsafe.key' file in the root directory of the disk.

If you want, you can also select the key-file (which is stored on the key-disk) manually. One disk can store multiple keys for multiple databases. In this case, you have to tell KeePass which file it should use.

Two ways to create a key-file You can either create your own key-file or let KeePass create the key-disk and thus the key-file.

Create your own key-file

You can use any existing file as your key-file. No matter what file type it is, KeePass will use it. Follow these steps to create your own key-file.

  • On the File menu, click New Database.

    Create a new password database

  • The window 'Create a new password database - Enter master key' should now open. In this exercise, we will use both master password and an existing file as key-file to create the access to the password database.

    Enter a password into the password field and select the checkbox 'and'. Then click the link 'Save key-file manually...'.

    Enter password for the password database

  • Select an existing file as your key-file.

    For this demo, we selected square.gif on USB flash drive as the key-file. Click Save and you should see the disk drive has been changed to G:\square.gif. Click OK to confirm your selection.

    Select key file for password database

    Confirm key file for password database

  • You are now prompted "A key-file already exists on this drive. Do you want to overwrite or reuse it?". You should click No (If you click Yes, KeePass will help you create the key-file). Now KeePass program main window is opened and you can enter new password entries.

    Reuse selected key file for password database

Let KeePass create the key-disk and thus the key-file

You can also make KeePass to create the key-disk for you. This way, KeePass will create a file pwsafe.key on the disk you specify.

  • Select the key-disk drive.

    Screenshot below shows we have selected USB drive G: as key-disk to store the key-file. Click OK to continue.

    Select password key disk

  • Repeat the password.

    Because in this exercise we have used both master password and a key-file for the password database, you will be asked to repeat the password you entered in previous step.

    Repeat password

  • Get random data for key generation.

    Here KeePass needs your input to generate the key-file. Follow instructions on the window to get the random data. When done, click OK.

    Get random data for key generation

    After you click OK, KeePass opens its main program window. In the background, KeePass should have automatically created a key-file pwsafe.key on the USB drive - G:\pwsafe.key.

    The advantage of using key-disk is that KeePass can automatically search for the file pwsafe.key on your key-disk next time you open this password database because KeePass can remember which password database you used last time. No need to specify the actual file name of the key-file.

    The key-disk can also contain key-files of other password databases. To open these other databases, you have to specify the actual key-file name by using the link 'Select key-file manually...'.
On next page, we'll see how to back up your KeePass database.


Inside This Article
1Introduce Free Password Manager - KeePass
2. Beef up your security with a key file
3How to back up KeePass
4Use KeeForm to log into a secure website automatically
5Use Auto-Type to log in a web page automatically
6Use On-Screen Keyboard with KeePass
7Open URLs in different web browsers
8How to use KeePass in a more secure way
Related Articles:

1.Introduce Free Password Manager - KeePass

Other Recent Articles from the Safe Computing category:

1.Choose Good Passwords That You Can't Remember
2.Protect files and folders with file container
3.A MD5 checksum file generated by freeware FileCheckMD5
4.How to check data integrity for copying files / folders and CD burning
5.What is checksum and how to calculate and use checksum values to verify data and file integrity
6.What is index.dat file and how your internet privacy is affected
7.What is keylogger and the differences between software and hardware keylogger
8.Protect Your Computer On the Internet For Free with Six Simple but Essential Steps
9.Introduce Free Password Manager - KeePass
10.Introduce Free Password Manager - Password Safe
11.Do you manage your username and password wisely?

Copyright © 2017 All Rights Reserved.

This website is hosted by HostGator.

No portion may be reproduced without my written permission. Software and hardware names mentioned on this site are registered trademarks of their respective companies. Should any right be infringed, it is totally unintentional. Drop me an email and I will promptly and gladly rectify it.

Home | Feedback | Terms of Use | Privacy Policy