How to change the default KeePass password options
KeePass is an open source password manager for the Windows operating system (and other operating systems thanks to ports) that ticks all the right boxes for me.
While I can understand the appeal of cloud-based password managers -- access your passwords everywhere as long as you have your credentials for the account at hand -- it is always overshadowed by the fact that your data is saved in the cloud which has privacy and security implications.
The past has shown that servers operated by companies that operated password managers are high profile targets that may get breached just like any other server and that they are not without security issues either.
It should be clear that the same thing can happen to your own system but the difference is that you have full control over your own system whereas you have zero control over how your data is stored or processed if you use an online manager.
KeePass was audited in 2016 and no critical vulnerabilities were found during the audit. Users who need cloud access may want to check out KeeWeb, a solution to access KeePass on the Web.
Tip: Click here to open the review of KeePass that I published in 2018.
KeePass changing the default password options
KeePass includes a potent password manager that you may use to generate new passwords when you sign up for services on the Internet or need to change passwords.
You may open the password generator manually with a click on Tools and selecting Generate Password, or access it directly when you create a new database entry.
The password generation options display settings to change the general characteristics of generated passwords. KeePass supports the following options in this regard:
- Change the length of the generated password.
- Use Upper-case characters.
- Use Lower-case characters.
- Use digits.
- Use Minus.
- Use Underline.
- Use Space.
- Use Special.
- Use Brackets.
- High Ansi characters.
- Include custom characters you specify.
You may also switch from generating passwords using a character set, as described above, to generating passwords using patterns or custom algorithms.
You can modify any setting in the password generator but will notice that the setting is not saved automatically.
What you need to do is activate the "save" button in the Password Generation Options. You get options to create a new profile or overwrite an existing profile.
The only profile that you can overwrite when you make the first change is the automatically generated password profile. The profile is used to generate passwords whenever you create a new entry in the database.
KeePass uses the new password generation rules from that moment on if you have modified the "Automatically generated passwords for new entries" rule. You may also create new profiles that you may select then when you generate new passwords.
It is still possible to modify the automatically generated password for individual entries by opening the password generator from the new entry form.
Closing Words
The option to save changes made to the password generator is overlooked easily. A notification on first use would be useful in this regard in my opinion so that users know how that is done.
Now You: Which password manager do you use?
Thanks for the instructions. The steps to save the settings were confusing, so your writeup helped immensely.
Hello,
i have a question:
Is it possible to block the change of the password generator for normal users?
THANK YOU! I’ve been looking for a way to make the changes to the generator stick, and I never found this post before.
Well I am still confused. No matter what I try, new profile, overwriting the automatically generated one the change sticks only as long as the current session. After exiting (and, yes, saving) and then reopening again the 40 characters (up from 20) and Special characters ticked on are lost. Every time. Driving me nuts.
I love Kee Pass. I also have a few reservations. At one point, saving the database started to take… a while. Like 15 seconds, or something. Not a big deal, but annoying.
Changing passwords is unnecessarily nerve-racking. There’s no obvious mechanism to set a new password, test it on the relevant online account, and only remove the old one when you have modified the account accordingly. Of course, the previous password automatically goes into history, where it can be retrieved. But it’s not intuitive.
I have just installed a nifty plug-in, called Kee Pass QR Code View. Right-click any entry, and you can display, under the guise of a QR code, any snippet of data which is saved in any field of that particular entry. A simple, Internet-free and hack-proof way to transfer a password, username (or anything else) to your mobile phone.
The Kee Pass website has an old-fashioned look, and the forum is really lacking.
For Waterfox, Firefox and Chrome I use Keepass. Those are also the browsers that I most use.
One two Microsoft browsers (who I do not use being Edge and MS I.E. 11) I did not find the possibility to implement also Keepass. So I have installed for those Microsoft browsers the password manager LastPass, in case I might need them.
But I have a question, Martin. I have made a mistake during the installed of main KeePass on Waterfox browser when I did so I saw a possibility given by KeePass coming by during the installation, to change or add new colors to the thumbnail (?). Do you know after this very shadowy description what function I mean, how that I can still reinstall the possibility (or new install) and what it was and doing?
Not sure what you mean. Kee Pass is not linked to the browser. You just copy and paste the username and password. You can also use Auto-type, but then again, AFAIK, the browser stays out of that. Some websites might not work with Two-channel auto-type obfuscation, which is the way Kee Pass protects you against potential key-loggers (and then you can disable it for those sites). But it’s dependent on the website, not the browser.
Now if you’re using a plug-in which ties Kee Pass into the browser, and further automates the process, it’s another matter. Strictly speaking, this might lower security, however.