License and Disclaimers

KeePassXC is licensed with the GNU General Public License Version 3. All copyrights and additional licenses are recorded in COPYING.

Disclaimer of Warranty

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. Except when otherwise stated in writing the copyright holders and/or other parties provide the program "as is" without Warranty of any kind, either expressed or implied, including, but not limited to, the implied warranties of Merchantability and fitness for a particular purpose. The entire risk as to the quality and performance of the program Is with you. Should the program prove defective, you assume the cost of all necessary servicing, repair or correction.

Limitation of Liability

In no event unless required by applicable law or agreed to in writing will any copyright holder, or any other party Who modifies and/or conveys the program as permitted above, be liable to you for damages, including any general, Special, incidental or consequential damages arising out of the use or inability to use the program (including but not Limited to loss of data or data being rendered inaccurate or losses sustained by you or third parties or a failure of The program to operate with any other programs), even if such holder or other party has been advised of the possibility Of such damages.

Interface Overview

Application Layout

The KeePassXC interface is designed for simplicity and easy access to your information. The main database view is split into four main partitions detailed below. You can open multiple databases at the same time, they will appear in tabs.

main interface
Figure 1. Main database interface

(A) Groups – Organize your entries into discrete groups to bring order to all of your sensitive information. Groups can be nested under each other to create a hierarchy. Settings from parent groups get applied to their children. You can hide this panel on the View menu.

(B) Tags – Dynamic groups of entries that can be quickly displayed with one click. Any number of custom tags can be added when editing an entry. This panel also includes useful pre-defined searches, such as finding expired and weak passwords.

(C) Entries – Entries contain all the information you want to store for a website or application you are storing in KeePassXC. This view shows all the entries in the selected group. Each column can be resized, reordered, and shown or hidden based on your preference. Right-click the header row to see all available options.

(D) Preview – Shows a preview of the selected group or entry. You can temporarily hide this preview using the close button on the right hand side or completely disabled in the application settings.

You can enable double-click copying of entry username and password in the Application Security Settings. This is turned off by default starting with version 2.7.0.


The toolbar provides a quick way to perform common tasks with your database. Some entries in the toolbar are dynamically disabled based on the information contained in the selected entry. Every common action in KeePassXC can be controlled with a keyboard shortcut as well.

Figure 2. Toolbar overview

(A) Database – Open Database, Save Database, Lock Database
(B) Entries – Create Entry, Edit Entry, Delete Selected Entries
(C) Entry Data – Copy Username, Copy Password, Copy URL, Perform Auto-Type
(D) Tools – Password Generator, Application Settings
(E) Search

Application Settings

Users can configure KeePassXC to their personal tastes with a wide variety of general and security settings that apply to the whole application. These settings are accessible from ToolsSettings or the cog wheel icon from the toolbar. Settings include: startup options, file management, entry management, user interface, language, security timeouts, and convenience.

Setting the Theme

KeePassXC ships with light and dark themes specifically designed to meet accessibility standards. In most cases, the appropriate theme for your system will be determined automatically, but you can always set a specific theme by using the View menu. When a new theme is selected you will be prompted to restart KeePassXC to apply the theme immediately.

theme selection
Figure 3. Setting the theme

Compact Mode

For users with smaller screens or those who desire seeing more entries at once, KeePassXC offers a compact view mode. This mode shows smaller toolbar, group, and entry icons. The effect of compact mode (left side) can be seen below.

compact mode comparison
Figure 4. Compact mode comparison

Screenshot Security

By default, KeePassXC prevents recordings and screenshots of the application window on Windows and macOS. This prevents inadvertent spillage of information during meetings and disallows other applications to capture the window contents. If you would like to enable screen capture, you must start the application with the --allow-screencapture command line flag.

Keyboard Shortcuts

On macOS please substitute Ctrl with Cmd (aka ).
Action Keyboard Shortcut


Ctrl + ,

Open Database

Ctrl + O

Save Database

Ctrl + S

Save Database As

Ctrl + Shift + S

New Database

Ctrl + Shift + N

Close Database

Ctrl + W ; Ctrl + F4

Lock All Databases

Ctrl + L

Database Settings

Ctrl + Shift + ,

Database Reports

Ctrl + Shift + R


Ctrl + Q

New Entry

Ctrl + N

Edit Entry

Enter ; Ctrl + E

Delete Entry


Clone Entry

Ctrl + K

Copy Username

Ctrl + B

Copy Password

Ctrl + C

Copy URL

Ctrl + U

Open URL

Ctrl + Shift + U


Ctrl + T

Copy Password and TOTP

Ctrl + Y


Ctrl + Shift + T

Trigger AutoType

Ctrl + Shift + V

Add key to SSH Agent

Ctrl + H

Remove key from SSH Agent

Ctrl + Shift + H

Minimize Window

Ctrl + M

Hide Window

Ctrl + Shift + M

Select Next Database Tab

Ctrl + Tab ; Ctrl + PageDn

Select Previous Database Tab

Ctrl + Shift + Tab ; Ctrl + PageUp

Select the nth database

Ctrl + n, where n is the number of the database tab

Toggle Passwords Hidden

Ctrl + Shift + C

Toggle Usernames Hidden

Ctrl + Shift + B

Focus Groups (edit if focused)


Focus Entries (edit if focused)


Focus Search

F3 ; Ctrl + F

Clear Search


Show Keyboard Shortcuts

Ctrl + /

Command-Line Options

You can use the following command line options to tailor the application to your preferences:

Usage: keepassxc.exe [options] [filename(s)]
KeePassXC – cross-platform password manager

  -?, -h, --help               Displays help on commandline options.
  --help-all                   Displays help including Qt specific options.
  -v, --version                Displays version information.
  --config <config>            path to a custom config file
  --localconfig <localconfig>  path to a custom local config file
  --lock                       lock all open databases
  --keyfile <keyfile>          key file of the database
  --pw-stdin                   read password of the database from stdin
  --debug-info                 Displays debugging information.
  --allow-screencapture        Allow screen recording and screenshots

  filename(s)                  filenames of the password databases to open (*.kdbx)

Additionally, the following environment variables may be useful when running the application:

Env Var Description


Override default path to roaming configuration file


Override default path to local configuration file


Override initial location picking for databases


Path of the unix file socket that the agent uses for communication with other processes (SSH Agent)


Defines a global scale factor for the whole application, including point-sized fonts.


Specifies scale factors for each screen. See


Control device pixel ratio rounding to the nearest integer. See

Database Operations

Creating Your First Database

To start using KeePassXC, you need to first create a database that will store the password and other details.

To create a database, perform the following steps:

  1. Open your KeePassXC application. Click the create new database button (A):

    welcome screen
    Figure 5. Create database – Welcome screen
  2. The database creation wizard appears. Enter the desired database name and a short description (optional):

    new db wizard 1
    Figure 6. Create database – General information
  3. Click Continue. The Encryption Settings screen appears, we don’t recommend making any changes besides increasing or decreasing the decryption time using the slider. Setting the Decryption Time slider at higher values means that the database will have higher level of protection but the time taken by the database to open will increase.

    new db wizard 2
    Figure 7. Create database – Encryption settings
  4. Click the Continue button. The Database Credentials screen appears, enter your desired database password. We recommend using a long, randomized password.

    new db wizard 3
    Figure 8. Create database – Database credentials

    (A) Open the password generator
    (B) Toggle password visibility

    Keep this password for your database safe. Either memorize it or note it down somewhere. Losing the database password might result in permanent locking of your database and you will not be able to retrieve information stored in the database.
  5. Click Done. You will be prompted to select a location to save your database file. The database file is saved on to your computer with the default .kdbx extension. You can store your database wherever you wish, it is fully encrypted at all times preventing unauthorized access.

Opening an Existing Database

To open an existing database, perform the following steps:

  1. Open your KeePassXC application. Click the Open existing database button (A) or select a recent database from the Recent Databases list (B).

    open database
    Figure 9. Open an existing database
  2. Navigate to the location of the database on your computer and open the database file. The database unlock screen will appear:

    unlock database
    Figure 10. Database unlock screen
  3. Enter the password for your database.

  4. (Optional) Browse for the Key File if you have chosen it as an additional authentication factor while creating the database. Refer to the KeePassXC User Guide for more information on setting a Key File as an additional authentication factor.

  5. Click OK. The database opens and the following screen is displayed:

    database view
    Figure 11. Unlocked database

Quick Unlock

On Windows and macOS, subject to hardware availability, your credentials can be securely stored to enable subsequent unlocking of your database through biometric authentication. This is enabled by default on Windows using Windows Hello and on macOS using Touch ID or Apple Watch services. You can disable this feature in the Application Settings under the Security section.

On Windows, you will be prompted to authenticate to Windows Hello after unlocking your database with full credentials. This is required to setup Quick Unlock. If you cancel this prompt then Quick Unlock will not be enabled and your database will continue to unlock.
quick unlock windows hello
Figure 12. Windows Hello example

When your database is locked, you will see the following unlock dialog. Simply press Enter or click on Unlock Database to initiate the biometric authentication process. If you are using a hardware key (e.g. Yubikey), it must be connected to your computer to complete the unlock.

quick unlock
Figure 13. Quick Unlock

Expired Entries

By default, KeePassXC will show entries that are expired or will be expiring within 3 days after unlocking the database. This feature allows you to change your passwords before they expire and be aware of passwords that are no longer valid. You can disable or change this feature in the Application Settings.

Advanced Save Options

There are three ways that KeePassXC can handle database files. This behavior is set in the Application Settings under File Operations.

  1. (Default) Safe saves create a temporary database file alongside the existing one and atomically move it into place when all writing is complete. This prevents database corruption in the case of application crashes, loss of power, or other interruptions.

  2. Temporary file saves create a database in the temporary files folder. This database is then moved into place overtop of the existing file. Although rare, interruptions in this move process could leave your database in an unknown state. This option is useful for overcoming poorly behaved cloud sync tools.

  3. Direct-write saves write directly to the existing database file. This is an unsafe operation since any interruption can leave your entire database inaccessible. We only recommend using this option when interfacing with Linux GVFS services (e.g. Google Cloud on Gnome) and other types of storage services that host a virtual drive system.

In addition to these save options, KeePassXC can create a backup of your existing database file just prior to saving. This backup will be saved at the path specified in the Backup destination field. This path can be absolute or relative. The latter will be resolved according to the databases path. It is possible to specify a custom naming scheme with placeholders. See Backup Path Placeholders for available placeholders and examples.

save options

Adding an Entry

All the details such as usernames, passwords, URLs, attachments, notes, and so on are stored in database entries. You can create as many entries as you want in the database.

To add an entry, perform the following step:

  1. Navigate to Entries > New Entry (Or, press Ctrl+N). The following screen appears:

    edit entry
    Figure 14. Adding a new entry
  2. Enter a desired title for the entry, username, password, URL, and notes on this screen.

    1. Your most frequently used usernames will automatically be available in the username drop-down menu. They will also auto-complete for you when typing.

    2. You can generate a secure random password by clicking the dice icon in the password field to launch the password generator. Reveal the password by clicking the eye icon.

    3. After you add a URL to an entry you can press the download button to automatically download the website’s icon for this entry.

  3. (Optional) Add tags to the entry to quickly search for it using the tags panel on the main database view. You can easily add new tags or select existing ones from the drop-down list.

  4. (Optional) Select the Expires check-box to set the expiry date for the password. You can manually enter the date and time or click the Presets button to select an expiry date and time for your password.

  5. Click OK to add the entry to your database.

Editing an Entry

To edit the details in an entry, perform the following steps:

  1. Select the entry you want to edit.

  2. Press Enter, click the edit toolbar icon, or right-click and select Edit Entry from the menu.

  3. Make the desired changes.

  4. Click OK.

Adding TOTP to an Entry

Timed One-Time Passwords (TOTP) are a popular choice for two-factor authentication methods. These codes are typically six digits long and change every 30 seconds. They are derived from a shared secret value and the current time. Once set up, KeePassXC can calculate TOTP codes like any authenticator app, such as Google Authenticator. The codes can be used with copy/paste, browser extension, and Auto-Type.

Your computer time must be synchronized with an internet time source to generate valid TOTP codes, read more here.
Storing TOTP codes in the same database as the password will eliminate the advantages of two-factor authentication. If you desire maximum security, we recommend keeping TOTP codes in a separate database that you only unlock when needed.

To add TOTP to a database entry, you must first retrieve the secret string from the website or application you are authenticating to. Often this secret is accompanied with a QR code and can be copy/pasted below. Example: