This post is going to be of interest to only a very specific demographic, but based on my web site stats, it seems necessary. Since writing my “story” – it barely qualifies as a “review” – of MiniKeePass, it has (surprisingly) become the most popular item on my blog. And tracking the Google search referrals, by far the biggest impetus for coming to my site has been in a quest for the answer to “how to use MiniKeePass with Dropbox”.

Now, to experienced MiniKeePass users, this may seem entirely intuitive. But I remember when I first installed MiniKeePass there was a brief moment of questioning, so I guess it would be a worthwhile public service to expand on that small bit of detail.

Update: Dropbox has many issues that at first glance could be blamed on MKP. See my follow up article “Dropbox Issues With MiniKeePass” for a problem-by-problem rundown.

What Is KeePass?

As a refresher, KeePass is a cross-platform (Windows, Linux, Mac) open-source password manager that enables you to safely lock away your multitude of passwords in a single location. Putting all your eggs in one basket may seem like a risky proposition, but AES & Blowfish encryption helps to make it practically close to uncrackable.

KeePass can use “two-factor authentication” to protect your personal data – something you know (a master password) and something you have (a key file). You can define a password database to require one, the other, or both in tandem for accessing your treasure trove. Needless to say, using both offers the strongest form of security. (Even if your master password is cracked, they still can’t do diddley unless they also have the key file.)

The idea is that when prompted for a password from a web site or program, you would simply bring up the KeePass app and right-click on the entry to select “Copy Password” (Ctrl-C shortcut). The copied password will remain in the cut-buffer for a brief period, so head back to the original app and paste it in.

KeePass uses a tree-view model to display your password entries hierarchically. You can arrange the order of the “folders” and “items” by using the Alt-Up/Down arrow keys. After adding/deleting entries or re-arranging their order, you would “Save” to update the database.

Using KeePass With Dropbox

Saving the KeePass password data creates a .kdbx file. Normally, one would store these files on the local operating system (eg, in your My Documents or home directory). But if you want to share this password data on multiple machines (and take advantage of the KeePass cross-platform feature), you can store them on your Dropbox drive instead.

Dropbox adds “cloud storage” to your local system. You must be Internet-connected to access, but while you are online you have 2G of free space for storing anything, including kdbx/key files. Dropbox also caches your files, so on the off chance that you have lost Internet connectivity, you’ll still have access to the files as of when disconnected. When you load Dropbox on another machine and login to your account, you’ll see the same KeePass files that were deposited by the source machine.

In fact, “source machine” may be a bit of a misstatement because Dropbox allows any logged-in system to access/update the kdbx database. Technically, the last machine to update could be considered the “source”. You are going to have to keep track of how/when you make changes to password info. If KeePass is open simultaneously on multiple machines, neither will automatically detect changes made from the other as long as the kdbx file is kept open. For this reason, I would strongly encourage making one system the primary from which all changes are made. Then you would just reload the file on all secondaries.

Using MiniKeePass

MiniKeePass is an iOS implementation of the KeePass software. It runs on the iPhone (or iPod Touch), and in non-tablet mode on an iPad.

Worried about MiniKeePass security? It uses the same algorithms as the desktop KeePass, plus it adds a PIN code for additional mobile safety. And if you have any doubts about secret backdoors or bad programming, it is open-source and you can inspect the code if so inclined.

As with the desktop version, you use MiniKeePass in parallel with any password-prompting app. Use the task switcher to bring up Mini and copy the password into the buffer, then switch back to paste it into the app which was waiting for authentication. One difference from the desktop version is that there is no right-click in iOS: you tap the password and select “Copy” rather than the “Edit” that you would otherwise use for updating.

MiniKeePass also differs from KeePass in one other very significant way. iOS devices do not have a “file system”; they have storage allocated for an app’s use, but it cannot be accessed like a drive or directory. In this sense it is more like the Windows Registry, available to the app but not directly to the user.

This storage is a secure sandbox for that app and that app alone. So when you create or access a kdbx/key file in MiniKeePass, you are doing so within the memory structure of the program, not in some globally accessible file system. There is no “Save” function – all changes are immediately applied to kdbx database in local storage.

I’m guessing most people use MiniKeePass as an adjunct to KeePass running on their preferred desktop platform, desiring to load their database from another source. However, if you want to use *only* on the iPhone/iPad, there is nothing preventing it. To start with a new kdbx, press the + icon. But as explained, this newly created file will only exist in MiniKeePass – not visible to other apps. (Also note: because the edit capabilities are a little lighter on the iDevice, unlike the desktop version, you don’t have the ability to re-order the folders/items: you are pretty much limited to a FIFO order of how they were entered.)

Using MiniKeePass With Dropbox

Although iOS does not have a file system per se, Apple users have been using Dropbox to simulate one. And MiniKeePass benefits indirectly as a result. I say indirectly because although MiniKeePass understands Dropbox, it does not interface to it natively. This is, I believe, a major source of both confusion and frustration with the product: in as much as MiniKeePass “supports” Dropbox, it treats it as a source for import/export, not as a local filesystem.

  1. To load a kdbx/key file from Dropbox to MiniKeePass, you navigate to the stored location within Dropbox and tap on the file.
  2. Dropbox will respond dumbly that it does not know how to open a file of that type. “Sorry, this document can’t be viewed.” Great. Now what?
  3. If you click on the Export icon (rectangle with an arrow), you will find that MiniKeePass has been installed as an import handler. Selecting MiniKeePass will trigger an import.
  4. When you next visit the MiniKeePass home screen, the imported file(s) will appear.

The key takeaway here is this concept of the import/export process. If you don’t keep this idea firmly in mind, you’ll just find yourself frustrated and confused:

  • When you make changes on the iDevice, they remain local to the app. Even if the source was originally from Dropbox, it will not make its way back to Dropbox until you export it from MiniKeePass (similar rectangle-with-arrow icon).
  • If password changes are made from another system, MiniKeePass will not notice them even if Dropbox has already sync’d the updated copy to the iDevice. You need to refresh Mini’s local copy by re-importing from Dropbox.

The MiniKeePass developers have told me that full [direct] Dropbox support is on their ToDo list, but until then, remember that their kdbx/key storage is localized.

I wouldn’t anticipate future Mini to do what even KeePass does not – ie, support simultaneous write access and concurrent update detection – but I would at least hope that it will detect any updated Dropbox-sourced files at startup…