KeePass   KeePass Help Center Home KeePass Home | Package Downloads | Flag Translations | Blocks Plugins  
Home Help Center Home | People Forums | Award Awards | Search Search  
KeePass Help Center
Text Help Center Home People Forums Text First Steps Tutorial Document Acknowledgements

KeePass 1.x
Setup Installation / Portability Language Translations Plugins Plugins Compatibility Compatibility / SxS Repair Repair Databases Binary Error Codes Text License

KeePass 2.x
Text Installation / Portability Text Plugins Text Compatibility / SxS Text Application Policy Text Auto-Type Obfuscation Folder User Interface Text Database Settings Text Entry Text Interface Options Browsing Load/Save From/To URL Text License

Features
Text Auto-Type Text Command Line Options Text Composite Master Key Text Configuration Text Import / Export Text Integration Text Password Generator Text Secure Edit Controls Security Security Text TAN Support Text URL Field Text Using Stored Passwords

FAQs
Text Administrative FAQ Text Technical FAQ

Development
Text Creating Plugins (2.x) Text Scripting (2.x) Text Key Providers (1.x) Text Key Providers (2.x)

Donate Donate
Configuration

Configuration


Details about how and where KeePass stores its configuration.

KeePass supports multiple locations for storing configuration information: the global configuration file in the KeePass application directory, a local user-dependent one in the user's private configuration folder, and an enforced configuration file in the KeePass application directory. The first one is called global, because everyone using this KeePass installation will write to the same configuration file (and possibly overwriting settings of other users). The second one is called local, because changes made to this configuration file only affect the current user.

KeePass 1.x Only
Configuration files are stored in INI format.

ConfigurationLocationTypical File Path
Global Application Directory C:\Program Files\KeePass Password Safe\KeePass.ini
Global (Virtualized) Windows Vista Virtual Store C:\Users\User Name\AppData\Local\VirtualStore\Program Files\KeePass Password Safe\KeePass.ini
Local User Application Data C:\Documents and Settings\User Name\Application Data\KeePass\KeePass.ini
Enforced Application Directory C:\Program Files\KeePass Password Safe\KeePass.enforced.ini

KeePass 2.x Only
Configuration files are stored in XML format.

ConfigurationLocationTypical File Path
Global Application Directory C:\Program Files\KeePass Password Safe\KeePass.config.xml
Global (Virtualized) Windows Vista Virtual Store C:\Users\User Name\AppData\Local\VirtualStore\Program Files\KeePass Password Safe\KeePass.config.xml
Local User Application Data C:\Documents and Settings\User Name\Application Data\KeePass\KeePass.config.xml
Enforced Application Directory C:\Program Files\KeePass Password Safe\KeePass.config.enforced.xml


Text  Installation by Administrator, Usage by User

If you use the KeePass installer and install the program with administrator rights, the program directory will be write-protected when working as a normal/limited user. KeePass will use local configuration files, i.e. save and load the configuration from a file in your user directory.

Multiple users can use the locally installed KeePass. Configuration settings will not be shared and can be configured individually by each user.


Text  Portable Version

If you downloaded the portable version of KeePass (ZIP package), KeePass will try to store its configuration in the application directory. No configuration settings will be stored in the user directory (if the global configuration file is writable).


Text  Create Portable Version of Installed KeePass

If you are currently using a locally installed version of KeePass (installed by the KeePass installer) and want to create a portable version of it, first copy all files of KeePass to the portable device. Then get the configuration file from your user directory (application data, see above) and copy it over the configuration file on the portable device.


Text  For Network Administrators: Enforced Configuration

KeePass can be forced to load specific configuration settings. Enforced configuration settings are loaded from KeePass.enforced.ini (KeePass 1.x) and KeePass.config.enforced.xml (KeePass 2.x) files in the application directory (where KeePass.exe is stored).

KeePass 1.x Only
Configuration items that are not present in the enforced configuration file are loaded normally from global/local configuration files.

KeePass 2.x Only
Configuration items that are not present in the enforced configuration file are set to their default values.

This method of course only is effective as long as your users run the KeePass installation on the network drive. If they copy KeePass to their hard drives and run it from there, the options you set are not enforced (the local KeePass installation doesn't know anything of the enforced configuration file on the network drive in this case).


Text  Technical Details

This section explains in detail how loading and saving the configuration actually works.

When KeePass starts up and finds both global and local configuration files, it must decide the order in which KeePass tries to get the configuration items. This is controlled by the (Kee)PreferUserConfiguration flag in the global configuration file. If it is not present, it defaults to false.

The flag is set to true in the global configuration file of the KeePass installer package. The portable ZIP package does not contain a configuration file, consequently the flag defaults to false.

KeePass 1.x Only
Loading:
  • Try to get the configuration item from the enforced configuration file. If found, use this one.
  • If the item is neither present in the global configuration file nor in the local one: use default value.
  • If the item is present in the global configuration file, but not in the local one: use item from global configuration.
  • If the item is present in the local configuration file, but not in the global one: use item from local configuration.
  • If the item is present in the global and the local configuration file:
    • If the KeePreferUserConfiguration flag is True, use the item from the local configuration file, otherwise use the one of the global one.
Saving:
  • If the KeePreferUserConfiguration flag is True, try to store the configuration item into the local configuration file. If this fails, try to store the item into the global configuration file. If this fails, report error.
  • If the KeePreferUserConfiguration flag is False, try to store the item into the global configuration file. If this fails try to store the item into the local configuration file. If this fails, report error.

KeePass 2.x Only
Loading:
  • Try to load the enforced configuration file. If the file is found, use all configuration items stored in this file and set all others to the default values.
  • If neither the global configuration file nor the local one exists: use default values.
  • If the global configuration file exists, but no local one: use all values in the global one, set all other to default values.
  • If the local configuration file exists, but no global one: use all values in the local one, set all other to default values.
  • If the global and the local configuration file exist:
    • If the PreferUserConfiguration flag is true, use the local configuration, otherwise use the global one.
Saving:
  • If the PreferUserConfiguration flag is true, try to store all configuration items into the local configuration file. If this fails, try to store them into the global configuration file. If this fails, report error.
  • If the PreferUserConfiguration flag is false, try to store all items into the global configuration file. If this fails try to store them into the local configuration file. If this fails, report error.





Valid XHTML 1.0 Transitional Document

Get Thunderbird

Get KeePass
KeePass is OSI Certified Open Source Software
Copyright © 2003-2008 Dominik Reichl, [Legal Contact] [Disclaimer] [Acknowledgements], Downloads hosted at
SourceForge.net Logo