Plugins - KeePass



KeePass Plugins

Installation, uninstallation and security of KeePass plugins.

Plugin  Introduction

KeePass features a plugin framework. Plugins can provide additional functionality, like support of more file formats for import/export, network functionalities, backup features, etc.

Plugin  Online Resources

You can download the latest KeePass plugins from

Plugin  Plugin Installation and Uninstallation

If the plugin doesn't provide explicit instructions how to install it, follow these steps:

  1. Download the plugin from the page above and unpack the ZIP file to a directory of your choice.
  2. Copy the unpacked plugin files into the KeePass directory (where the KeePass.exe is).
  3. Restart KeePass in order to load the new plugin.

In other words, to "install" a plugin you simply need to copy it into the KeePass directory.

To "uninstall" a plugin, delete the plugin files.

Plugin  Security

What about the security of plugins? Can't malicious spyware plugins 'inject' themselves into KeePass?

If plugins can register themselves (i.e. have write access to the KeePass directory), they could also just replace the whole KeePass.exe. It's rather a problem of file access rights, not the plugin system.

If you worry about this, you can do the following:

  1. Install KeePass as administrator.
  2. Write-protect the KeePass directory. Nobody must have write access.
  3. Log on as normal user (with no administrator privileges).

This will solve the problem above. Since the KeePass directory is write-protected, no other program can copy files into it. KeePass requires the plugins to be in the application directory. Therefore, plugins cannot inject themselves anymore.