KeePass Help Center

KeePass Home | Package

Downloads | Flag

Translations | Blocks

Plugins

Help Center Home | People

Forums |

Awards |

Links |

KeePass Help Center

Help Center Home People

Forums

First Steps Tutorial Document

Acknowledgements

KeePass 1.x

Installation / Portability Language

Translations Plugins

Plugins

Compatibility / SxS Binary

Error Codes Text

License

KeePass 2.x

Installation / Portability Language

Translations Text

Plugins

Compatibility / SxS Text

Application Policy Text

Auto-Type Obfuscation

Synchronization Text

Triggers

User Interface

Database Settings

Entry

Interface Options

Load/Save From/To URL Text

License

Features

Auto-Type

Command Line Options Key

Composite Master Key Multiple

Configuration

Field References Data Exchange

Import / Export System

Integration People

Multi-User ASCII

Password Generator

Placeholders Repair

Repair Databases Desktop

Secure Edit Controls

Security

TAN Support URL

URL Field

Using Stored Passwords

FAQs

Administrative FAQ Help

Technical FAQ

Development

Customize (1.x) Desktop

Customize (2.x) Console

Scripting (2.x) ASCII

Creating Plugins (1.x) ASCII

Creating Plugins (2.x) Password

Key Providers (1.x) Password

Key Providers (2.x)

Donate

KeePass 2.x Plugins

Installation, uninstallation and security of KeePass plugins.

Introduction

KeePass features a plugin framework. Plugins can provide additional functionality, like support of more file formats for import/export, network functionalities, backup features, etc.

Online Resources

You can download the latest KeePass plugins (and their source code) from http://keepass.info/plugins.html.

Plugin Installation and Uninstallation

If the plugin doesn't provide explicit instructions how to install it, follow these steps:

Download the plugin from the page above and unpack the ZIP file to a directory of your choice.
Copy the unpacked plugin files into the KeePass directory (where the KeePass.exe is) or a subdirectory of it.
Restart KeePass in order to load the new plugin.

In other words, to "install" a plugin you simply need to copy it somewhere into the KeePass directory.

To "uninstall" a plugin, delete the plugin files.

Security

What about the security of plugins? Can't malicious spyware plugins 'inject' themselves into KeePass?

If plugins can register themselves (i.e. have write access to the KeePass directory), they could also just replace the whole KeePass.exe. It's rather a problem of file access rights, not the plugin system.

If you worry about this, you can do the following:

Install KeePass as administrator.
Write-protect the KeePass directory. Nobody must have write access.
Log on as normal user (with no administrator privileges).

This will solve the problem above. Since the KeePass directory is write-protected, no other program can copy files into it. KeePass requires the plugins to be in the application directory. Therefore, plugins cannot inject themselves anymore.

Plugin Cache

PLGX plugins are compiled and stored in a plugin cache directory on the user's system. This cache highly improves the startup performance of KeePass. Old files are normally deleted from the cache automatically (this can be disabled in the plugins dialog).

By default, the plugin cache is located in the user's application data directory. However, this can be overridden using the Application/PluginCachePath setting in the configuration file (this setting supports placeholders and environment variables). So, if you're for example using KeePass on a portable device and don't want the cache to be on the system, you could set the path to {APPDIR}\PluginCache.