<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="pragma" content="no-cache" />
<meta name="author" content="Dominik Reichl" />
<meta name="DC.title" content="Technical FAQ - KeePass" />
<meta name="DC.creator" content="Dominik Reichl" />
<meta name="DC.type" content="Text" />
<meta name="DC.format" content="text/html" />
<meta name="DC.language" content="en" />
<meta name="DC.rights" content="Copyright (C) 2003-2024 Dominik Reichl" />
<meta name="robots" content="index, follow" />
<title>Technical FAQ - KeePass</title>
<base target="_self" />
<link rel="stylesheet" type="text/css" href="../../default.css" />
</head>
<body>
<table class="sectionheader"><tr>
<td><img src="../images/b64x64_help.png" alt="" /></td>
<td><h1>Technical FAQ</h1>
<p>Frequently Asked Questions about the usage of KeePass.</p></td>
</tr></table>
<br />
Configuration:
<ul>
<li><a href="#nooptsave">I've saved my options, but when I reopen KeePass I
get the old options. What's wrong?</a></li>
</ul>
Installation / Integration:
<ul>
<li><a href="#sysreq2x">Why doesn't KeePass 2.x run on my computer?</a></li>
<li><a href="#netshare2x">Why does KeePass 2.x crash when starting it from a
network drive/share?</a></li>
<li><a href="#fips2x">Does KeePass 2.x use FIPS-validated algorithm implementations?</a></li>
<li><a href="#remotechm">Why doesn't the CHM help file work?</a></li>
<li><a href="#moreappicons">Where can I find more <i>application icons</i> for Windows shortcuts?</a></li>
<li><a href="#moreclienticons">How can I add more <i>client icons</i> for password entries?</a></li>
<li><a href="#minimode">Does KeePass support a <i>mini mode</i>?</a></li>
<li><a href="#nolockafterat">Why doesn't KeePass lock after Auto-Type?</a></li>
<li><a href="#athotkey">Why doesn't Auto-Type work correctly on Polish systems?</a></li>
<li><a href="#internet">Why does KeePass try to connect to the Internet?</a></li>
<li><a href="#guidark">Does the GUI support dark themes?</a></li>
<li><a href="#guifont">How to change the GUI font (size)?</a></li>
</ul>
Security:
<ul>
<li><a href="#autotypelog">Is <i>Auto-Type</i> keylogger-safe?</a></li>
<li><a href="#autotypetarget">Can <i>Auto-Type</i> locate child controls?</a></li>
<li><a href="#encryptionalgo">Could you add the ... encryption algorithm to KeePass?</a></li>
<li><a href="#noautolock">Why doesn't KeePass lock while a sub-dialog is open?</a></li>
<li><a href="#printtempfile">Printing creates a temporary file. Will it be erased securely?</a></li>
<!-- <li><a href="#memprot">Why KeePass 2.x resets process memory protection options?</a></li> -->
<li><a href="#qualest">Why does the estimated quality of a password suddenly drop?</a></li>
</ul>
Usage:
<ul>
<li><a href="#rtftext">How to store and work with large amounts of (formatted) text?</a></li>
<li><a href="#email">Can an e-mail address field be added?</a></li>
</ul>
<br />
<a name="nooptsave"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
I've saved my options, but when I reopen KeePass I get the old options. What's wrong?</h2>
<p>KeePass supports two different locations for storing configuration information:
the global configuration file in the KeePass directory and a local, user-dependent
one in the user's private configuration folder. Most likely you do not have write
access to your global configuration file.</p>
<p>For more details, see
<img src="../images/b16x16_kmultiple.png" alt="" />
<a href="configuration.html">Configuration</a>.</p>
<br />
<a name="sysreq2x"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why doesn't KeePass 2.x run on my computer?</h2>
<p><b>Symptoms:</b> When trying to run KeePass 2.x on Windows ≤ XP,
an error message like the following is displayed:<br />
<i>"A required .DLL file, MSCOREE.DLL, was not found"</i> or<br />
<i>"The application failed to initialize properly (0xc0000135)"</i>.</p>
<p><b>Cause:</b> KeePass 2.x requires Microsoft .NET Framework ≥ 2.0.</p>
<p><b>Resolution:</b> Install Microsoft .NET Framework 2.0 or higher.
It is available as a free download from the Microsoft website:
<!-- https://msdn.microsoft.com/en-us/netframework/aa569263.aspx -->
<a href="https://dotnet.microsoft.com/" target="_blank">Microsoft .NET Framework</a>.
Alternatively, you can install it through
Windows Update (the framework is an optional component).</p>
<p>KeePass 1.x does not require this framework.</p>
<br />
<a name="netshare2x"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why does KeePass 2.x crash when starting it from a network drive/share?</h2>
<p><b>Symptoms:</b> When trying to run KeePass 2.x from a network drive/share,
you get an error message like the following:<br />
<i>"Application has generated an exception that could not be
handled"</i> or<br />
<i>"KeePass has encountered a problem and needs to close"</i>.</p>
<p><b>Cause:</b> The strict default security policy of the Microsoft .NET
Framework disallows running .NET applications from a network drive/share.</p>
<p><b>Recommended resolution:</b> Copy/install KeePass 2.x onto a local hard
disk, and run the copy.</p>
<p><b>Alternative, not recommended resolution:</b>
Configure the security policy to allow running .NET applications from
network drives/shares. Ask your administrator to do this (administrative
rights are required). If you have administrative rights and want to do
it yourself, you can use the
<!-- https://msdn.microsoft.com/en-us/library/cb6t8dtz.aspx -->
<!-- https://docs.microsoft.com/en-us/dotnet/framework/tools/caspol-exe-code-access-security-policy-tool -->
<a href="https://learn.microsoft.com/en-us/dotnet/framework/tools/caspol-exe-code-access-security-policy-tool"
target="_blank">Code Access Security Policy Tool (Caspol.exe)</a>
that ships with the .NET framework (helpful instructions can be found
<!-- https://blogs.msdn.com/shawnfa/archive/2004/12/30/344554.aspx -->
<!-- https://blogs.msdn.microsoft.com/shawnfa/2004/12/30/using-caspol-to-fully-trust-a-share/ -->
<!-- https://docs.microsoft.com/en-us/archive/blogs/shawnfa/using-caspol-to-fully-trust-a-share -->
<a href="https://learn.microsoft.com/en-us/archive/blogs/shawnfa/using-caspol-to-fully-trust-a-share"
target="_blank">here</a> and
<!-- https://blogs.msdn.com/shawnfa/archive/2005/07/27/443975.aspx -->
<!-- https://blogs.msdn.microsoft.com/shawnfa/2005/07/27/why-is-caspol-prompting-me-for-confirmation/ -->
<!-- https://docs.microsoft.com/en-us/archive/blogs/shawnfa/why-is-caspol-prompting-me-for-confirmation -->
<a href="https://web.archive.org/web/20190130133418/https://blogs.msdn.microsoft.com/shawnfa/2005/07/27/why-is-caspol-prompting-me-for-confirmation/"
target="_blank" rel="nofollow">here</a>).</p>
<br />
<a name="fips2x"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Does KeePass 2.x use FIPS-validated algorithm implementations?</h2>
<p>KeePass uses many algorithms. This FAQ answer focuses on the algorithms
used for encrypting/decrypting a database file.
Typically, KeePass primarily uses AES-256, SHA-256, HMAC-SHA-256 and SHA-512
here (unless the user has specified a different
<a href="security.html#secencrypt">encryption algorithm</a> or a different
<a href="security.html#secdictprotect">key derivation function</a> in the
<a href="../v2/dbsettings.html">database settings</a>).
For these algorithms, the .NET Framework provides classes, and KeePass
uses these.</p>
<p>Since version 4.8, the .NET Framework supports using FIPS-validated
implementations of the algorithms above
(see '<a href="https://learn.microsoft.com/en-us/dotnet/framework/whats-new/#whats-new-in-net-framework-48"
target="_blank">What's new in .NET Framework 4.8</a>').</p>
<p>For compatibility with older .NET Framework versions, KeePass ignores
the FIPS mode by default. If all your PCs have the .NET Framework 4.8 or higher
installed, you can enable the usage of FIPS-validated algorithm
implementations by opening the 'KeePass.exe.config' file using a text editor
and deleting the line
'<code>&lt;enforceFIPSPolicy enabled="false" /&gt;</code>'.</p>
<p>Implementations of other algorithms (such as ChaCha20 and Argon2) are not
FIPS-validated. If Microsoft provides validated implementations of those
algorithms in the future, we will consider using them.</p>
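<p>An added example, not part of KeePass or its documentation: a read-only PowerShell check of the conditions described above (whether the enforceFIPSPolicy override is still active in 'KeePass.exe.config' and whether .NET Framework 4.8 or higher is installed), run at the end against a constructed sample file.
The function name, the default install path and the registry locations (the .NET Framework 4.x 'Release' value, where 528040 or higher means 4.8+, and the Windows FIPS policy switch) are assumptions that do not come from this page.</p>

```powershell
# Added example, not part of KeePass. Read-only: it reports state, changes nothing.
function Test-KeePassFipsReadiness {
    param(
        # Assumption: default installer location; pass the real path for portable copies.
        [string]$ConfigPath = "$env:ProgramFiles\KeePass Password Safe 2\KeePass.exe.config"
    )

    if (-not (Test-Path -LiteralPath $ConfigPath)) {
        throw "Config file not found: $ConfigPath"
    }

    # Parse the file as XML instead of searching text, so a commented-out
    # enforceFIPSPolicy line is not mistaken for an active one.
    $xml = New-Object System.Xml.XmlDocument
    $xml.Load((Resolve-Path -LiteralPath $ConfigPath).ProviderPath)
    $node = $xml.SelectSingleNode('/configuration/runtime/enforceFIPSPolicy')
    $overrideActive = ($null -ne $node) -and ($node.GetAttribute('enabled') -eq 'false')

    # .NET Framework 4.x records its version as a Release DWORD; 528040 is the
    # lowest value Microsoft documents for version 4.8.
    $ndp = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full' `
        -ErrorAction SilentlyContinue
    $release = if ($ndp -and $ndp.Release) { [int]$ndp.Release } else { 0 }

    # Windows-wide FIPS policy switch (the "FIPS mode" that the override ignores).
    $lsa = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy' `
        -ErrorAction SilentlyContinue
    $fipsPolicyOn = [bool]($lsa -and ($lsa.Enabled -eq 1))

    $verdict = if ($overrideActive) {
        'Override present: KeePass ignores FIPS mode (the default).'
    } elseif ($release -lt 528040) {
        'Override removed, but .NET Framework is older than 4.8.'
    } else {
        'Override removed and .NET Framework 4.8 or higher is installed.'
    }

    [pscustomobject]@{
        ConfigPath               = $ConfigPath
        OverrideActive           = $overrideActive
        NetFrameworkRelease      = $release
        NetFramework48OrHigher   = ($release -ge 528040)
        WindowsFipsPolicyEnabled = $fipsPolicyOn
        Verdict                  = $verdict
    }
}

# Demonstration on a constructed config file (built in code, not KeePass's real file).
$tmp = Join-Path ([IO.Path]::GetTempPath()) 'KeePass.exe.config.sample'
$doc = New-Object System.Xml.XmlDocument
$runtime = $doc.AppendChild($doc.CreateElement('configuration')).AppendChild($doc.CreateElement('runtime'))
$policy = $runtime.AppendChild($doc.CreateElement('enforceFIPSPolicy'))
$policy.SetAttribute('enabled', 'false')
$doc.Save($tmp)

Test-KeePassFipsReadiness -ConfigPath $tmp | Format-List
Remove-Item -LiteralPath $tmp
```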
<br />
<a name="remotechm"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why doesn't the CHM help file work?</h2>
<p><b>Symptoms:</b> When trying to open the KeePass CHM help file from
a remote computer or shared network drive, it's not displayed correctly
(navigation aborted, ...).</p>
<p><b>Solution:</b> See
<!-- https://support.microsoft.com/en-us/kb/896358 -->
<!-- https://support.microsoft.com/en-us/help/896358 -->
<a href="https://support.microsoft.com/en-us/topic/ms05-026-a-vulnerability-in-html-help-could-allow-remote-code-execution-e482d0f1-6967-b4f5-02e0-2e8c19554d10"
target="_blank">Microsoft Security Bulletin MS05-026</a>.</p>
<br />
<a name="moreappicons"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Where can I find more <i>application icons</i> for Windows shortcuts?</h2>
<br />
<table class="laytable">
<tr><td>
Application icons are icons in Windows ICO format. They can be used in
Windows shortcuts and/or as file association icons. The KeePass executable
contains various application icons which can be used for these purposes.<br />
<br />
Additional application icons are available from the "<code>Ext/Icons_*</code>"
directories of the KeePass source code <a href="https://keepass.info/download.html"
target="_blank">package</a>.
Most of them, shown at right, are slight variations of the main KeePass icon.<br />
<br />
Even more icons, contributed by users, can be found on the
<a href="https://keepass.info/plugins.html#appicons"
target="_blank">plugins page</a>.<br />
<br />
If you have multiple KeePass databases, you can use differently colored KeePass
application icons in order to distinguish them.<br />
<br />
These icons are not included in the binary distribution because this would make
the application file too large.<br /><br />
</td>
<td style="width: 154px; text-align: right;">
<img src="../images/appicons.png" alt="Application Icons" />
</td></tr></table>
<br />
<a name="moreclienticons"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
How can I add more <i>client icons</i> for password entries?</h2>
<br />
<table class="laytable">
<tr><td>
Client icons are the icons used for password entries and groups within KeePass.
Each entry can be assigned its own icon.<br />
<br />
You can import your own icons into KeePass databases. For this, click the <i>'Add...'</i>
button in the icon picker dialog.<br />
<br />
Supported formats are BMP, EMF, GIF, ICO, JPEG, PNG, TIFF and WMF.
<br />
</td>
<td style="width: 154px; text-align: right;">
<img src="../images/clienticons.gif" alt="Client Icons" />
</td></tr></table>
<br />
<a name="minimode"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Does KeePass support a <i>mini mode</i>?</h2>
<br />
<!-- A mini mode is not supported yet. -->
Functions can be blocked/enforced using an <a href="https://keepass.info/help/kb/config_enf.html"
target="_blank">enforced configuration file</a>.
<br /><br />
<a name="nolockafterat"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why doesn't KeePass lock after Auto-Type?</h2>
<br />
This does not apply to KeePass 2.x.
<br /><br />
<a name="athotkey"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why doesn't Auto-Type work correctly on Polish systems?</h2>
<p>On Polish systems, the default auto-type hot key
<kbd><kbd>Ctrl</kbd>+<kbd>Alt</kbd>+<kbd>A</kbd></kbd>
conflicts with a system command and is frequently used in typing.
Therefore, auto-type is often executed accidentally.</p>
<p>The global auto-type hot key can be changed to a different key combination
in the KeePass options (see
<a href="autotype.html#autoglobal">Auto-Type</a> for details).</p>
<br />
<a name="print1x"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why doesn't printing work in KeePass 1.x?</h2>
<p><b>Symptoms:</b> When trying to print a password list in KeePass 1.x,
nothing happens after clicking OK in the 'Print Options' dialog.</p>
<p><b>Cause:</b> KeePass 1.x uses the application associated with <code>.html</code>
files to print the password list. If this application doesn't support the
"print" shell verb (like Mozilla Firefox), nothing happens.</p>
<p><b>Resolution:</b> Associate <code>.html</code> files with a different
application that supports the "print" shell verb (like Internet Explorer).</p>
<p><b>Alternative Resolution / Workaround:</b>
Click <i>'File' → 'Print Preview'</i> in KeePass 1.x and
manually print the document in the application that just opened the file.</p>
<br />
<a name="internet"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why does KeePass try to connect to the Internet?</h2>
<p>KeePass has an option to automatically check for updates on each program start.
In order to check for updates, KeePass downloads a small version information
file and compares the available version with the installed version.
No personal information is sent to the KeePass web server.</p>
<p>Automatic update checks are performed unintrusively in the background.
A notification is only displayed when an update is available.
Updates are not downloaded or installed automatically.</p>
<p>When starting KeePass for the first time, it asks whether to enable
automatic update checks (recommended). They can be enabled/disabled at any
time using the option in 'Tools' → 'Options' → tab 'Advanced'.</p>
<br />
<a name="guidark"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Does the GUI support dark themes?</h2>
<p>Yes. KeePass supports all system themes, including dark ones.</p>
<ul class="withspc">
<li>On Windows 11, a (dark) theme can be selected in the
Windows Settings → 'Accessibility' → 'Contrast themes'.</li>
<li>On Windows 10, a (dark) theme can be selected in the
Windows Settings → 'Ease of Access' → 'High contrast'.</li>
<li>On Windows 7, 8 and 8.1, a (dark) theme can be selected in the
Windows Control Panel → 'Appearance and Personalization' → 'Personalization'.</li>
</ul>
<!-- <p>Example (Windows 10, 'High Contrast Black' theme):</p> -->
<p>Example (Windows 11, 'Dusk' theme):</p>
<div style="text-align: center;">
<img src="../images/getkey_dark.png" alt="Dark Master Key Prompt Dialog" />
</div>
<p><b>Option 'Choose your (default app) mode' → 'Dark'.</b><br />
Windows 11 has an option 'Choose your mode' (on Windows 10, it is called
'Choose your default app mode'), which can be set to 'Dark'.
Note that this option applies to UWP apps only, not to regular Windows applications.
Windows allows the UWP option to contradict the system theme
(e.g. a light system theme may be active even when the UWP option is set to 'Dark').
KeePass is a regular Windows application, not a UWP app,
thus it follows the system theme, not the UWP option.
This is the expected behavior; KeePass does not have anything to do
with UWP options.</p>
<p><b>Custom appearance.</b><br />
If you want to change KeePass' appearance independent of the active
system theme, you might be interested in the
<a href="https://keepass.info/plugins.html#keetheme" target="_blank">KeeTheme</a> plugin.</p>
<br />
<a name="guifont"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
How to change the GUI font (size)?</h2>
<p>KeePass uses the default graphical user interface (GUI) font that has
been specified in the operating system settings.
So, if you want to change the font (especially the size of the font)
that KeePass uses, change it globally.</p>
<ul class="withspc">
<li>On Windows 11, the font size can be changed in the Windows Settings →
'System' → 'Display' → 'Scale &amp; layout' →
option 'Scale'.
Restart Windows after changing this option.<br />
<img src="../images/b16x16_warning.png" class="textimg" alt="Warning" />
Do <em>not</em> use the option 'Text size' (in the
Windows Settings → 'Accessibility' → 'Vision'),
because this option does not scale all texts properly.</li>
<li>On Windows 10, the font size can be changed in the Windows Settings →
'System' → 'Display' → 'Scale &amp; layout' →
option 'Change the size of text, apps, and other items'.
Restart Windows after changing this option.<br />
<img src="../images/b16x16_warning.png" class="textimg" alt="Warning" />
Do <em>not</em> use the option 'Make text bigger' (in the
Windows Settings → 'Ease of Access' → 'Display'),
because this option does not scale all texts properly.</li>
<li>On Windows 7, 8 and 8.1, the font size can be changed in the
Windows Control Panel → 'Appearance and Personalization' → 'Display'.</li>
<li>On Linux systems with KDE 5 or higher, the font can be
changed in the system settings → 'Fonts'.</li>
<li>On Linux systems with GNOME 3 or higher, the font can be
changed using GNOME Tweaks → 'Fonts'.</li>
</ul>
<p>In addition to supporting these system settings, KeePass allows
customizing the fonts that are used in lists and for passwords
(in the options dialog; these settings affect KeePass only,
no other applications).</p>
<!-- <p>For Windows 7 and higher:</p>
<ul>
<li>If you only want to make the text larger/smaller, open the Control Panel
→ 'Display'; here you can change the font size.<br /><br /></li>
<li>If you want to change other properties of the font (style, ...), open the Control Panel
→ 'Personalization' → 'Window color' → 'Advanced display settings'
(this option is absent in Windows 8); here you can change the font.</li>
</ul> -->
<br />
<a name="autotypelog"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_ktouch.png" alt="" />
Is <i>Auto-Type</i> keylogger-safe?</h2>
<p><i>Is the Auto-Type feature resistant to keyloggers?</i></p>
By default: no. The Auto-Type method in KeePass 2.x works the same as the one in
1.x and consequently is not keylogger-safe.<br />
<br />
However, KeePass features an alternative method called
<a href="../v2/autotype_obfuscation.html">Two-Channel Auto-Type Obfuscation (TCATO)</a>,
which renders keyloggers useless. This is an opt-in feature (because it
doesn't work with all windows) and must be enabled for entries manually.
See the TCATO documentation for details.<br />
<br /><br />
<a name="autotypetarget"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_ktouch.png" alt="" />
Can <i>Auto-Type</i> locate child controls?</h2>
<p>No. Auto-Type only checks whether the title of the currently active top level
window matches.</p>
<p>Browsers like Mozilla Firefox completely draw the window (all controls)
themselves, without using standard Windows controls. Consequently it is
technically impossible for KeePass to check whether a URL matches (methods
like creating a screenshot and using optical character recognition
are not reliable and secure). Also, it's impossible to check which child
control currently has the focus. These problems can only be avoided by using
browser integration plugins, i.e. not using auto-type at all.</p>
<p>The user must make sure that the focus
is placed in the correct control before starting auto-type.</p>
<br />
<a name="encryptionalgo"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Could you add the ... encryption algorithm to KeePass?</h2>
<br />
AES (Rijndael) and ChaCha20 are supported.
There exist various
<a href="https://keepass.info/plugins.html" target="_blank">plugins</a>
that provide support for additional encryption algorithms,
including but not limited to Twofish, Serpent and GOST.<br />
<br />
If you'd like to implement an algorithm, have a look at the <em>ArcFourCipher</em> sample plugin.
<br /><br />
<a name="noautolock"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why doesn't KeePass lock while a sub-dialog is open?</h2>
<p>KeePass has various options to lock its workspace automatically
(after some time of inactivity, when the computer gets locked or the user
is switched, when the computer gets suspended, etc.).
However, the workspace is not locked automatically while a sub-dialog
(like the 'Edit Entry' dialog) is open.</p>
<p>To understand why this behavior makes sense, it is first important to know what happens
when the workspace gets locked. When locking, KeePass completely closes the database
and only remembers several view parameters, like the last selected group, the top visible
entry, selected entries, etc. From a security point of view, this achieves the best
security possible: breaking a locked workspace is equal to breaking the database itself.</p>
<p>Now back to the original question. Let's assume a sub-dialog is open and
one of the events occurs that should automatically lock the workspace.
What should KeePass do now?
In this situation, KeePass cannot ask the user what to do,
and must make an automatic decision. There are several possibilities:</p>
<ul class="withspc">
<li><em>Do not save the database and lock.</em><br />
In this case, all unsaved data of the database would be lost. This not only applies to
the data entered in the current dialog, but to all other entries and groups
that have been modified previously.</li>
<li><em>Save the database and lock.</em><br />
In this case, possibly unwanted changes are saved. Often you open files, try something,
having in mind that you can just close the file without saving the changes.
KeePass has an option 'Automatically save database when KeePass closes or the workspace
is locked'. If this option is enabled and no sub-dialog is open, it's clear what to do:
try to save the database and if successful: lock the workspace. But what to do with
the unsaved changes in the sub-dialog? Should it be saved automatically, taking away the
possibility of pressing the 'Cancel' button?</li>
<li><em>Save to a temporary file and lock.</em><br />
This appears to be the best alternative at first glance, but there are several problems with
it, too. First of all, saving to a temporary file could fail (for example, there could be too
little free disk space, or some other program like a virus scanner could block it).
Secondly, saving to a temporary file isn't uncritical from a security point of view.
When having to choose a location, typically the user's temporary directory on the hard
disk is chosen (because it likely has enough free space, required rights for access, etc.).
KeePass databases could be leaked and accumulated there.
It's not clear what should happen when the computer is being shut down or crashes while being
locked. When the database is opened the next time, should it use the database stored in
the temporary directory instead? What should happen if the 'real' database has been modified
in the meantime (a quite realistic situation if you're carrying your database on a
USB stick)?</li>
</ul>
<p>Obviously, none of these alternatives is satisfactory.
Therefore, KeePass implements the following simple and easy to understand behavior:</p>
<p><em>KeePass doesn't lock while a sub-dialog is open.</em></p>
<p>This simple concept avoids the problems above. The user is responsible for the
state of the program.</p>
<!-- <p>Security consequence: the database is left open when Windows locks.
Normally, you are the only one who can log back in to Windows. When someone else logs in
(like administrator), he can't use your programs anyway. By default, KeePass keeps
in-memory passwords encrypted, therefore it does not matter if Windows dumps the process
to disk at some time. So, your passwords are pretty safe anyway.</p> -->
<p>Note that opening a sub-dialog is typically only required for
<em>editing</em> something; it is not required for <em>using</em>
entries, as the main window provides
<a href="usingpws.html">various methods</a> for this.</p>
<p><strong>Locking when Windows locks.</strong>
On Windows XP and older, the Windows service <em>'Terminal Services'</em>
should be enabled. If this service is disabled, locking KeePass
when Windows locks might not work. This service isn't required on newer
operating systems.</p>
<br />
<a name="printtempfile"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Printing creates a temporary file. Will it be erased securely?</h2>
<p>KeePass creates a temporary HTML file when printing password lists and showing
print previews. This file is securely deleted when closing the database.</p>
<p>You must wait until the file has been printed completely before closing KeePass
(and close the print preview before closing KeePass); otherwise the printing
application could block KeePass from deleting the file.</p>
<p>There is no way around the temporary file in the current printing system.
If you want to write a plugin that directly sends the data to the printer, you can
find a plugin development tutorial here:
<a href="https://keepass.info/help/v2_dev/plg_index.html"
target="_blank">KeePass 2.x Plugin Development</a>.</p>
<br />
<!-- <a name="memprot"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why KeePass 2.x resets process memory protection options?</h2>
<p><i>Important: the following describes a behavior related to process memory protection,
which has nothing to do with database encryption. All database fields are
encrypted; see the <a href="security.html">Security</a> page for details.</i></p>
<p>For all fields except the password field, process memory protection is turned
off automatically when the fields are searched or displayed as plain text.</p>
<p>If you want data to be protected in memory,
you additionally must turn on hiding by asterisks for the column and
never search this field type. Process memory protection is useless otherwise.
If you don't hide by asterisks or search, your data is clear in memory, no
matter whether the process memory protection is on or off.</p>
<br /> -->
<a name="qualest"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Why does the estimated quality of a password suddenly drop?</h2>
<p>For estimating the quality/strength of a password, KeePass not only uses
statistical methods (like checking which character ranges are used,
repeating characters and differences), it also has a built-in list of
common passwords and checks for patterns. When completing a common password or a
repetition, the estimated quality can drop.</p>
<p>Details can be found on the
<a href="https://keepass.info/help/kb/pw_quality_est.html"
target="_blank">Password Quality Estimation</a> help page.</p>
<br />
<a name="rtftext"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
How to store and work with large amounts of (formatted) text?</h2>
<br />
<table class="laytable">
<tr><td>
KeePass has a built-in editor that allows working conveniently with
large amounts of (formatted) texts.<br />
<br />
To add a large text to an entry, import the file as attachment
(or click 'Attach' → 'Create Empty Attachment').
The built-in editor supports *.TXT (simple text) and *.RTF (formatted text) files.<br />
<br />
In order to edit an attachment, right-click the entry in the main window,
point to 'Attachments' and click '<i>YourFile.*</i>'. Alternatively,
if the text file
is the only attachment, you can open it by just double-clicking
it in the main window (enable showing the attachment column in 'View' →
'Configure Columns' → 'Attachments'). Alternatively, it's also possible to click the name of
the attachment in the entry details view in the main window.<br />
<br />
For TXT files, the built-in editor supports standard operations like cut,
copy, paste, undo, word wrap, etc. For RTF files, additionally standard formatting
commands are available: choosing the font, font size, bold, italic, underline,
strikeout, text and background colors, align left/center/right, etc.
</td>
<td style="width: 154px; text-align: right;">
<a href="../images/rtfeditor.png"><img src="../images/rtfeditor_small.png"
alt="Editor Screenshot" /></a>
</td></tr></table>
<br /><br />
<a name="email"></a>
<h2 class="sectiontitle"><img src="../images/b16x16_help.png" alt="" />
Can an e-mail address field be added?</h2>
<p>A few times it has been requested that a standard entry field for e-mail addresses
is added (on the main tab page in the entry editing dialog).
The short answer: an e-mail address field will not be added
due to usability reasons. Now the long answer.</p>
<p>First of all, let's assume that most of the entries stored in KeePass
contain information for logging in to websites.
When you register an account for a website, you often have to specify a
user name as well as an e-mail address. When you regularly
log in later, you usually only need to provide either user name + password
or e-mail + password (never user name + e-mail + password).
Here the first part (which is either user name or e-mail) serves as
identification: you tell the website who you are.
The second part (password) provides authentication: you prove to the
website that you're really the one who you claim to be.</p>
<p>There are various methods by which KeePass can transfer data to
other applications. All of these methods by default assume that the content
of the user name field is used for identification. For example,
the default <a href="autotype.html#autoseq">auto-type sequence</a> of
an entry is
<code>{USERNAME}{TAB}{PASSWORD}{ENTER}</code>, the default
<a href="https://keepass.info/plugins.html#formfiller" target="_blank">KeeForm</a>
configuration uses the user name, etc.
Now on the one hand some websites require an e-mail address instead
of a user name. On the other hand we want the default data transfer configuration
to work for most websites (such that the work that the user has to put
into the configuration is kept minimal and only needed for
websites using special login forms).</p>
<p>The solution is simple: instead of interpreting the 'User Name' field
strictly as a field containing a user name, users should rather interpret
it as a field in which the data required for identification is stored.
This data can consist of a user name, an e-mail address or something else
(e.g. an account number for an online banking website).
By handling it like this, the default data transfer configuration will work for most
websites, i.e. zero amount of work needs to be put into
the configuration.
If you had to provide both a user name and an e-mail address at
registration time, the other information (which isn't required
on a regular basis) can be stored e.g. in
the notes field or a custom string field of the KeePass entry.</p>
<p>Now assume a separate e-mail field would be added.
When users store both a user name and an e-mail address,
KeePass cannot know which of the two is required for identification.
So, in order to set up data transfer for the entry, users would be forced
to choose which of the two fields should be used.</p>
<p>So, adding an e-mail field would be a step back in usability,
because it forces users to put additional time into data transfer configuration.
The current system ('User Name' containing identification information,
without a separate e-mail field) doesn't require this, and thus is
the better solution.</p>
<p>For users that are willing to manually configure the data transfer for each
entry, there are multiple ways to get a separate e-mail address field.
After switching to the 'Advanced' tab in the entry editing dialog,
an e-mail address field can be added as custom string.
If the field should appear on the main tab page of the dialog, the
<a href="https://keepass.info/plugins.html#kpentrytemplates"
target="_blank">KPEntryTemplates</a> plugin can be used.</p>
</body></html>