WebAutoType is a KeePass plugin that adds support for AutoType URL matching

Ashwin
Oct 30, 2020
Updated • Nov 17, 2020
Software, Windows software
|
5

Are you a KeePass user? Do you use AutoType? If so, you may have come across a website or two, where the command didn't work.

KeePass WebAutoType options

WebAuToType is a plugin that improves the built-in AutoType functionality of the password manager.

Before we get started, please be aware this is not an autofill plugin like Kee, KeeForm, and others. This plugin enhances the AutoType hotkey's behavior.

How to install WebAutoType and configure it

Download the plugin's ZIP archive from the official webpage. Extract it and copy the .PLGX file to your KeePass' Plugins folder.

KeePass WebAutoType plugin

If the password manager is already running, you will need to restart it to load the plugin. Click on the Tools menu in KeePass, and select WebAutoType options. Enable the checkbox next to the first option, "Use the URL Field Value for matching".

Here is how it works

You may be aware that KeePass has a global shortcut key for AutoType, which is Ctrl + Alt + A. When you visit a website and want to log in to your account using the saved credentials, you use the hotkey.

KeePass title doesn't match

The password manager by default checks the title of the web page, to find the corresponding account's entry in your database. Say you visit a website, click on sign in and use the AuToType hotkey, KeePass will check whether the Title field in the entry matches the webpage's title. If a match is found, the credentials are automatically typed in the username and password fields. When the titles don't match, AutoType won't work, you can read more about it here.

KeePass WebAutoType match

WebAutoType fixes this issue by adding support for URL matching to KeePass' AutoType. This makes the password manager instead check whether the value of the URL field in the saved entry and the webpage are the same. When the contents match, the program will process the AutoType command.

KeePass WebAutoType

Now, what if the link in the URL field and the webpage's address are different? Websites can change the login page's address at anytime, but you can't keep updating the entry, can you?

This isn't a problem with the plugin since it verifies if the URL field's contents is part of the address in the browser tab. For instance, since "https://www.ghacks.net" is a part of "https://www.ghacks.net/login", it is considered a match.

Let's take a look at another example. Say you have an entry saved with the URL http://www.ghacks.net, and you want to log in at the page https://www.ghacks.net. These are not the same and in this case, AutoType will fail. Why? Because the 2nd link contains an "s" after http. Similarly, an extra letter or character in your entry's URL field can prevent AutoType from working. So, in case you encounter errors, you know how to fix it.

WebAutoType has a few other options, it can be set to skip usernames for passwords, and that's nice to have when the cursor is in the password box. The third option in the plugin, "show search for repeated AutoType", is useful when the AutoType command has failed, i.e. no match was found. When that happens, the plugin switches the focus to KeePass window and opens the password manager's Find tool, which you can use to search for the entry.

KeePass WebAutoType find entry

How do you save new entries in KeePass? By manually entering the title, URL, username, etc? WebAutoType can help you with this too, set a hotkey for it (I used Ctrl + Alt + Space). Visit a sign up/login page of a website, and use the shortcut. The plugin will capture the page's title, URL and the username (if it was entered on the page), and adds the data in KeePass' new entry form, so all you need to do is enter/generate a password and save the new login information.

KeePass WebAutoType create new entry

 

WebAutoType is open source and is listed as a recognized plugin on KeePass' official website. I'm using the plugin on Firefox, and tested it with Microsoft Edge (Chromium), and it works with both browsers.

Summary
software image
Author Rating
1star1star1star1stargray
5 based on 2 votes
Software Name
WebAutoType
Operating System
Windows
Software Category
Productivity
Price
Free
Landing Page
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Simon said on November 3, 2020 at 1:56 am
    Reply

    You don’t need a plugin to fix this.
    In KeePass, under entry options, do this:

    -Right click the entry in question and choose edit
    -“Auto-Type” tab
    -Add
    -Target Window, select one from the drop down list
    -Ok
    -Select the window you just added
    -Click edit
    -Use wildcards. Example *ghacks* instead of https://www.ghacks.net/

    1. Martin said on December 13, 2023 at 2:23 pm
      Reply

      Thank you, Simon!

  2. JP said on October 31, 2020 at 11:58 am
    Reply

    I use a browser addon for that, the addon adds the website URL to the pages title, so then keepass matches it with that title as usual. That way there is zero risk that a third party plugin can steal my login data.

  3. Pchek said on October 30, 2020 at 1:20 pm
    Reply

    I didn’t know this plugin, although I’m quite surprised this is not the default behavior of Keepass.

  4. owl said on October 30, 2020 at 11:09 am
    Reply

    Certainly, I felt it was useful.
    However, it is unnecessary for me.

    I love “KeePass PasswordSafe 2.x” and it’s a must-have app.
    I use KeePass to manage all “unique and important data” such as login information, credit card information, passport information, social security and tax number information.
    From the viewpoint of “convenience”, for specific sites (GitHub, ghacks.net, etc.), those data is imported to “Bitwarden –Free Password Manager” that can be linked with my iPad etc.

    Since “KeePass” is the most important vault for me, I manage it locally, never link it with the Cloud. And in principle, Instead of “automating”, I intentionally set it to require labor “manual operation”.
    I am limiting the use of Plugins because I think adding “Plugin” poses a risk of vulnerabilities.
    The Plugins I added are limited to 3 items: HIBPOfflineCheck.plgx, KeePassHIBP.plgx, and KeePassFaviconDownloader.plgx.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.