KeePass 2.48 update includes an upgraded password database file format

Martin Brinkmann
May 8, 2021
Security, Software

The developer of the password manager KeePass released an update to KeePass 2.48 recently. The new version of the versatile includes a new version of the password database file format that KeePass uses to store passwords. KDBX 4.1 introduces several new features, for example group tagging or disabling the password quality estimation feature to exclude passwords from password quality reports.

KeePass 2.48 won't use the new format by default at this stage, mainly because of waiting for KeePass ports to add support for the new format before enabling it in all cases.

The new format will be used if at least one of the following conditions is met:

  • A group with a tag exists.
  • An entry for which password quality estimation has been disabled exists.
  • A custom icon with a non-empty name or a last modification time exists.
  • A custom data item with a last modification date exists.

In other words: the new 4.1 version of the password database file format will be used if one of the new features of it is used.

The new features introduce new options for users. KeePass supported the tagging of individual entries already, and the new group tagging feature extends the tagging functionality to group. Searches will return tags in individual entries and groups now once the new database format is used.

The option to exclude entries from password quality estimations is also useful, for example when sites don't allow users to pick secure passwords. These weak passwords would always be flagged in password quality reports, and the new feature allows users to exclude these from the reports. Reports can be generated by selecting Find > Password Quality.

KeePass 2.48 remembers the previous parent group of an entry and includes a new option called "move to previous parent group" which movies the entry back to its previous parent. It is useful for accidental operations, e.g. the moving of entries to the recycle bin.

The last modification time of custom icons and custom data items is remembered as well in KeePass 2.48; synchronization uses the information, e.g. to determine if a custom icon needs to be deleted.

Additional information about the new KDBX 4.1 format is available on this help page.

The new version of KeePass improves the importing of LastPass CSV files, used to migrate from LastPass to another password manager.

The full changelog lists several improvements, such as improved tag handling and custom icon handling performance.

KeePass 2.48 is available as a portable version and installer.

Closing Words

KeePass is my favorite password manager: it is local only by default but with options to add synchronization and to use other clients or extensions to improve accessibility if required. It is evolving, but without the introduction of changes that alienate part of its userbase.

Now you: which password manager do you use?

software image
Author Rating
5 based on 4 votes
Software Name
KeePass 2.48
Operating System
Software Category
Landing Page

Tutorials & Tips

Previous Post: «
Next Post: «


  1. Jojo said on May 11, 2021 at 7:11 pm

    Found it, thanks again.

    Single click used to be default but was changed along with numerous other options. Unsure why they chose to do that. Perhaps something to do with the new dB format?

  2. Jojo said on May 11, 2021 at 9:44 am


    One other question: I am noticing that it now takes a double-click to open KeePass from the tray. Most other apps there take only one-click. KeePass used to take one-click. Any idea why this new behavior is occurring?

    1. Matt said on May 11, 2021 at 10:49 am

      In settings under the Interface tab there is an option “Single click instead of double click for default tray icon action”. I’m not sure why it is not the default, single clicking is much better. I also like to set the close button to minimize instead of exiting the application since I hit it by mistake all the time. :)

  3. Jojo said on May 9, 2021 at 11:18 pm

    A bunch of options got changed w/o notification or explanation and now I have to wade through the huge number of options to try and figure out what I need to change to get back to where I was.

    Does anyone know how to remove the stars hiding the passwords when I open an entry? I mean permanently, not just clicking on the 3 star control on the right-hand side.

    And how do I get rid of the “Repeat” line below the password line in an entry? I don’t understand what that is for or why I would want that.

    1. stu said on May 10, 2021 at 11:23 pm

      Press control H before opening an entry to show all the passwords all the time as long as you have the password column enabled in the main view.

    2. stu said on May 10, 2021 at 11:20 pm

      Control H before you open the entry will show all the passwords all the time.

    3. Matt said on May 10, 2021 at 6:12 pm

      Ctrl + H should hide/unhide the passwords and the setting should stick permanently. The repeat line is to make sure you typed the password correctly without any mistakes. Imagine if you set a password but you accidentally made a typo, and now you are locked out forever. It’s a pretty important safety feature.

      1. Matt said on May 10, 2021 at 6:14 pm

        Forgot to mention that if you do unhide the asterisks, the repeat line will be greyed out since you can obviously see what you are typing.

  4. George said on May 9, 2021 at 6:17 pm

    What a fantastic piece of software KeePass 2 is.

  5. Jojo said on May 9, 2021 at 9:40 am

    Suggest checking the options after install. Some I had checked got turned off, such as minimize to the tray.

  6. Jojo said on May 9, 2021 at 9:21 am

    I’d like to see KP add a creation date to all new entries. I do this manually now so that I have a record for when I created the entry.

    1. Adam said on May 10, 2021 at 2:24 pm

      I’m currently using KeePass 2.47 and there is a creation time (MM/DD/YYYY HH:MM:SS AM/PM) field that appears to be automatically created. Note that time and date format may vary depending on your regional settings.

  7. bitwarden is nice said on May 8, 2021 at 12:51 pm

    I always wondered, why are there so many branches in development? keepass, keepass2, keepassx, keepassxc and perhaps more.

    1. Foul said on May 10, 2021 at 12:06 am
      1. Anonymous said on May 10, 2021 at 11:02 pm

        How safe is this?

    2. Matt said on May 8, 2021 at 6:12 pm

      Keepass 1.x was the originally release, I don’t know why they still maintain it being that Keepass 2.x can do everything it can and more. KeepassX was a community port to Linux and later to MacOS and Windows, but development on it was apparently kind of slow so it was once again ported as KeePassXC. I think the biggest difference is that KeePass is a native Windows program developed in C# and requires the .Net framework while KeepassX/XC are built on C++ and runs on all platforms. There are other differences of course, it’s all very confusing.

      On Windows 10 I use KeePass 2 and on my iMac I use KeePassXC.

    3. Emanon said on May 8, 2021 at 1:13 pm

      You clearly lost, there’s only one branch in the development, the others are forks from the community.

  8. Dan said on May 8, 2021 at 12:37 pm

    I use Keepass as well. The one feature I am waiting for is the ability to store more than one URL associated with a password, so that sites with multiple login domains will autofill properly via Keepass savvy web add-ons.

    1. iamworthless said on May 11, 2021 at 3:35 am

      You can already do this. Duplicate Entry and than check Replace username and passwords with references,All you need to do is change the title to the corresponding website.

    2. iamworthless said on May 11, 2021 at 3:31 am

      I Duplicate Entry with references to username/password and just change the title to the website.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.