KeePass Help Center KeePass Home | Downloads | Translations | Plugins | Donate 
Help Center Home | Forums | Awards | Links 







KDBX 4.1

Changes from the KDBX 4 file format to KDBX 4.1.

On this page, only the enhancements/changes from KDBX 4 to KDBX 4.1 are described. A complete specification of the latest format can be found here: KDBX File Format Specification.

Introduction

KeePass 2.48 introduces version 4.1 of the KDBX file format, which supports various new features. These are outlined in the following sections.

Migration Phase. As not all major KeePass ports have finished adding support for KDBX 4.1 yet, for now KeePass 2.48 saves databases in this new format only when at least one of the following conditions is fulfilled:

  • The database contains a group with a tag.
  • The database contains an entry for which the password quality estimation is disabled.
  • The database contains a custom icon with a non-empty name or a last modification time.
  • The database contains a custom data item with a last modification time.

The existence of a previous parent group reference does not enforce KDBX 4.1 (compatibility with KeePass ports is currently considered to be more important).

As soon as all major KeePass ports support KDBX 4.1, KeePass will always save in this format.


Group Tags

You can now assign tags to groups (in addition to entries).

When searching for entries with a specific tag, an entry matches if the entry or any of its parent groups has this tag.

For Developers
Each Group element may now contain a Tags element, which contains the tags (in the same format as the Tags element of an Entry).


Optional Password Quality Estimation

Up to now, KeePass has displayed a password quality estimation for every entry. However, there are situations where disabling the estimation makes sense. For example, in the case of a closed system that allows only a limited number of failed login attempts, even short passwords can be sufficiently secure (e.g. a 4-digit PIN is extremely weak as a cryptographic key, but for a smart card that allows only 3 attempts, it is ok). Another example is a password that was given to you by a system and cannot be changed.

In the entry dialog of KeePass 2.48, there now is a button for disabling/enabling the password quality estimation for the current entry.

Disabling the password quality estimation for an entry also excludes the entry from password quality reports (menu 'Find' → 'Password Quality').

For Developers
Each Entry element may now contain a boolean QualityCheck element, indicating whether the password quality estimation is enabled for the entry. By default, it is enabled.


Previous Parent Groups

When moving an entry/group into a different group (e.g. into the recycle bin), the previous parent group is remembered now.

KeePass 2.48 provides a command 'Move to Previous Parent Group' (in the 'Rearrange' popup menu) for entries and groups. There are two special cases:

  • If the command will move all selected entries/groups out of the recycle bin, a '(Restore)' suffix is appended to the command name.
  • If at least one entry/group will be moved into/within the recycle bin, a confirmation dialog is displayed.
For Developers
Each Entry/Group element may now contain a PreviousParentGroup element, whose value (inner text) is the UUID (Base64-encoded) of the previous parent group.

For Plugin Developers
If your plugin is moving entries/groups into different groups: the previous parent group can be set using the PreviousParentGroup property of PwEntry/PwGroup.


Custom Icons with Names and Last Modification/Deletion Times

Each custom icon (stored in the database) may now have a name. In the icon picker dialog of KeePass 2.48, custom icons can be renamed by clicking on an already selected name or by pressing the F2 key.

The last modification time of a custom icon is now saved. Furthermore, the UUID and the deletion time of a deleted custom icon are remembered now. These times and the UUID are used in order to synchronize custom icons (modifications and deletions).

For Developers
Each Icon element in CustomIcons may now contain:
  • Name element, whose value (inner text) is the name of the icon.
  • LastModificationTime element, whose value (inner text) is the last modification time of the icon. The time is stored in the same format as the other times.
When deleting a custom icon, a corresponding DeletedObject element is created in DeletedObjects.


Custom Data Items with Last Modification Times

The last modification time of a database-specific custom data item (by a plugin/port) is now saved.

When synchronizing databases, KeePass now merges database-specific custom data items based on their last modification times.

For Developers
Each Item element in KeePassFile/Meta/CustomData may now contain a LastModificationTime element, whose value (inner text) is the last modification time of the item. The time is stored in the same format as the other times.

For Plugin Developers
The last modification times are saved automatically (by the StringDictionaryEx class). No changes in plugins are necessary.


Page History

  • 1.0
    • Final version (no file format changes since 0.5, minor documentation improvements).
  • 0.5
    • Added support for disabling the password quality estimation for an entry.
  • 0.4
    • Added support for group tags.
  • 0.3
    • Added support for remembering the name and the last modification time of a custom icon. Deleting a custom icon now creates a DeletedObject.
  • 0.2
    • Added support for remembering the previous parent group of an entry/group.
  • 0.1
    • Initial draft, for custom data items with last modification times.





Get KeePass