This post is going to be of interest to only a very specific demographic, but based on my web site stats, it seems necessary. Since writing my “story” – it barely qualifies as a “review” – of MiniKeePass, it has (surprisingly) become the most popular item on my blog. And tracking the Google search referrals, by far the biggest impetus for coming to my site has been in a quest for the answer to “how to use MiniKeePass with Dropbox”.
Now, to experienced MiniKeePass users, this may seem entirely intuitive. But I remember when I first installed MiniKeePass there was a brief moment of questioning, so I guess it would be a worthwhile public service to expand on that small bit of detail.
What Is KeePass?
As a refresher, KeePass is a cross-platform (Windows, Linux, Mac) open-source password manager that enables you to safely lock away your multitude of passwords in a single location. Putting all your eggs in one basket may seem like a risky proposition, but AES & Blowfish encryption helps to make it practically close to uncrackable.
KeePass can use “two-factor authentication” to protect your personal data – something you know (a master password) and something you have (a key file). You can define a password database to require one, the other, or both in tandem for accessing your treasure trove. Needless to say, using both offers the strongest form of security. (Even if your master password is cracked, they still can’t do diddley unless they also have the key file.)
The idea is that when prompted for a password from a web site or program, you would simply bring up the KeePass app and right-click on the entry to select “Copy Password” (Ctrl-C shortcut). The copied password will remain in the cut-buffer for a brief period, so head back to the original app and paste it in.
KeePass uses a tree-view model to display your password entries hierarchically. You can arrange the order of the “folders” and “items” by using the Alt-Up/Down arrow keys. After adding/deleting entries or re-arranging their order, you would “Save” to update the database.
Using KeePass With Dropbox
Saving the KeePass password data creates a .kdbx file. Normally, one would store these files on the local operating system (eg, in your My Documents or home directory). But if you want to share this password data on multiple machines (and take advantage of the KeePass cross-platform feature), you can store them on your Dropbox drive instead.
Dropbox adds “cloud storage” to your local system. You must be Internet-connected to access, but while you are online you have 2G of free space for storing anything, including kdbx/key files. Dropbox also caches your files, so on the off chance that you have lost Internet connectivity, you’ll still have access to the files as of when disconnected. When you load Dropbox on another machine and login to your account, you’ll see the same KeePass files that were deposited by the source machine.
In fact, “source machine” may be a bit of a misstatement because Dropbox allows any logged-in system to access/update the kdbx database. Technically, the last machine to update could be considered the “source”. You are going to have to keep track of how/when you make changes to password info. If KeePass is open simultaneously on multiple machines, neither will automatically detect changes made from the other as long as the kdbx file is kept open. For this reason, I would strongly encourage making one system the primary from which all changes are made. Then you would just reload the file on all secondaries.
Using MiniKeePass
MiniKeePass is an iOS implementation of the KeePass software. It runs on the iPhone (or iPod Touch), and in non-tablet mode on an iPad.
Worried about MiniKeePass security? It uses the same algorithms as the desktop KeePass, plus it adds a PIN code for additional mobile safety. And if you have any doubts about secret backdoors or bad programming, it is open-source and you can inspect the code if so inclined.
As with the desktop version, you use MiniKeePass in parallel with any password-prompting app. Use the task switcher to bring up Mini and copy the password into the buffer, then switch back to paste it into the app which was waiting for authentication. One difference from the desktop version is that there is no right-click in iOS: you tap the password and select “Copy” rather than the “Edit” that you would otherwise use for updating.
MiniKeePass also differs from KeePass in one other very significant way. iOS devices do not have a “file system”; they have storage allocated for an app’s use, but it cannot be accessed like a drive or directory. In this sense it is more like the Windows Registry, available to the app but not directly to the user.
This storage is a secure sandbox for that app and that app alone. So when you create or access a kdbx/key file in MiniKeePass, you are doing so within the memory structure of the program, not in some globally accessible file system. There is no “Save” function – all changes are immediately applied to kdbx database in local storage.
I’m guessing most people use MiniKeePass as an adjunct to KeePass running on their preferred desktop platform, desiring to load their database from another source. However, if you want to use *only* on the iPhone/iPad, there is nothing preventing it. To start with a new kdbx, press the + icon. But as explained, this newly created file will only exist in MiniKeePass – not visible to other apps. (Also note: because the edit capabilities are a little lighter on the iDevice, unlike the desktop version, you don’t have the ability to re-order the folders/items: you are pretty much limited to a FIFO order of how they were entered.)
Using MiniKeePass With Dropbox
Although iOS does not have a file system per se, Apple users have been using Dropbox to simulate one. And MiniKeePass benefits indirectly as a result. I say indirectly because although MiniKeePass understands Dropbox, it does not interface to it natively. This is, I believe, a major source of both confusion and frustration with the product: in as much as MiniKeePass “supports” Dropbox, it treats it as a source for import/export, not as a local filesystem.
- To load a kdbx/key file from Dropbox to MiniKeePass, you navigate to the stored location within Dropbox and tap on the file.
- Dropbox will respond dumbly that it does not know how to open a file of that type. “Sorry, this document can’t be viewed.” Great. Now what?
- If you click on the Export icon (rectangle with an arrow), you will find that MiniKeePass has been installed as an import handler. Selecting MiniKeePass will trigger an import.
- When you next visit the MiniKeePass home screen, the imported file(s) will appear.
The key takeaway here is this concept of the import/export process. If you don’t keep this idea firmly in mind, you’ll just find yourself frustrated and confused:
- When you make changes on the iDevice, they remain local to the app. Even if the source was originally from Dropbox, it will not make its way back to Dropbox until you export it from MiniKeePass (similar rectangle-with-arrow icon).
- If password changes are made from another system, MiniKeePass will not notice them even if Dropbox has already sync’d the updated copy to the iDevice. You need to refresh Mini’s local copy by re-importing from Dropbox.
The MiniKeePass developers have told me that full [direct] Dropbox support is on their ToDo list, but until then, remember that their kdbx/key storage is localized.
I wouldn’t anticipate future Mini to do what even KeePass does not – ie, support simultaneous write access and concurrent update detection – but I would at least hope that it will detect any updated Dropbox-sourced files at startup…
December 5th, 2011 on 3:52 pm
Thanks for the help. My issue is that I can’t get the key to move over from Dropbox. I have the database w/o a problem. When I try to export the key, it says “No installed apps support opening this file.” My filename is key.safe.
Ever run into this?
December 6th, 2011 on 5:27 pm
@Greg- That error is common for Dropbox when there is no handler known or defined for the file type. Maybe it is keying (no pun intended) on the .safe suffix. Have you tried naming it “safe.key”? .key is the usual suffix.
December 12th, 2011 on 5:55 pm
This is exactly the info I’ve been looking for. Thanks for your site! However, I’m still frustrated. I’ve re-imported the keepass db to minikeepass on my iPad but one of the mods I made in the db on my mac is not showing up on my iPad. It’s the same db and i followed your directions on reimporting. Any thoughts?
December 15th, 2011 on 8:36 am
@Laura- Definitely hasn’t happened to me before. Are you certain you saved the file after the Mac update and Dropbox (on the Mac side) acknowledged with a changed date/filesize?
I would suggest contacting the developers via their GitHub issues page. (https://github.com/MiniKeePass/MiniKeePass/issues)
January 13th, 2012 on 8:35 am
Thank you! Your write-ups on using MiniKeePass with Dropbox let me know exactly what to expect. That’s important to me when concerning critical things like password management. I really do not want to be experimenting with something this vital if it can be avoided.
I was carying my kdb on a usb stick. Sure it’s portable but limited me to using it only when I was logged on to either of two computers. Primarily it has been for storing logon credentials and other info that is generally needed for filling out paperwork or helping people join wifi networks I manage. For automated web logins and form-filling I have been using Roboform (Win) and 1Password (Mac). I expect my next step will be to reevaluate the possibility of consolidating it all into KeePass (Win) and KeePassX (Mac). If you have any insights to offer there I am most interested to read them. Regards, Andrew
January 14th, 2012 on 3:14 pm
I was using MiniKeePass v1.1.3 and KeePass Professional v2.17 (same code as Classic v1.20?) sharing the database across Dropbox. I got this same error “Failed to load the specified file! Capacity exceeds maximum capacity. Parameter name: capacity” when I tried to open the database last written by MiniKeePass in the desktop KeePass application.
It seems there is a problem with the 2.17 version of KeePass reading some MiniKeePass written databases. The problem is fixed with the latest version KeePass Professional v2.18. Thanks Dominik!
January 19th, 2012 on 10:58 pm
@Andrew- I highly recommend KeeFox if you are using Firefox. It adds a shim that communicates with KeePass (with your confirmation), and a toolbar that will display any matched password when a form is detected. Check out the demo – it’s like Roboform for KeePass.
There is nothing quite so similar for Chrome. The best I could find is “Domain in Title” which puts the FQDN in the title and allows KeePass to more easily match against the URL field of an entry.
I haven’t done this myself, but if you are keeping the KDBX on a USB for use on 2 computers, you could theoretically use the PortableApps versions of Firefox+KeePass to have a truly universal [Windows] setup.
January 19th, 2012 on 11:04 pm
@Glen- Thanks for the tip. Not something I would have been bit by, since I try to source the master on the PC side and use Mini for reading only…
January 31st, 2012 on 11:37 am
I thought I should add that when I updated my kdbx file on the computer it was automatically uploaded to dropbox. On the iphone I had to delete the current kdbx file from minikeepass and then use the dropbox app to push the latest version back to minikeepass. It seems that the dropbox app is unable to push the updated file and overwrite the existing one, likely because minikeepass was runnning in the background. I suppose I could have quit the minikeepass app and then tried to push the kdbx update, but just deleting the old file is quicker. I’m really looking forward to dropbpx integration within the app.
February 2nd, 2012 on 10:35 pm
@Andrew- I haven’t had a problem pushing an update into Mini; using Dropbox to “re-export”, it overwrites just fine. So I haven’t had to take that intermediate step of deleting. But just the same I’m lined up right there with you on awaiting the improved Dropbox integration.
February 7th, 2012 on 6:35 am
I’ve been having the same problem that Laura described on her 12/12/11 post. I use MKP on my Windows PC and my iPad. I usually make all edits to the password entries on my PC and they get saved directly to a folder on my Dropbox. When I open Dropbox on my iPad is see the edited kdbx file and it has the correct date/time stamp. When I go to import that file to MKP on my iPad, MKP opens and I enter the password for the kdbx file and it opens, but it does not show any recent edits. I even tried deleting the kdbx file on my iPad when MKP is open, closing MKP and then going back to Dropbox and reopening the file, but still the new edits do not appear on my iPad. I have another Windows PC and when I open MKP on that machine my new edits always appear. Any suggestions would be appreciated. Thanks
February 7th, 2012 on 9:45 pm
@Mike- As I suggested to Laura, try contacting the developers by opening an issue on GitHub (https://github.com/MiniKeePass/MiniKeePass/issues). I have no affiliation with Mini other than as a 100% satisfied end-user. Though that’s probably because I never hit your bug.
March 12th, 2012 on 8:35 am
Just to provide some closure, the iPad problem that Mike & Laura were asking about seems to have been resolved.
The issue appears to be resulting from a bug in the iPad version of Dropbox – not MiniKeePass. When the KDBX file is synced in Dropbox, the date info on the left changes, but the file is never reloaded in the right-hand pane. So when exported, it is still the old copy.
The trick is to force the file to reload by opening a different file and then returning to the KDBX. At this point, the export will work fine.
There is no such problem with the iPhone version of Dropbox because the UI does not have separate navigational and file-data panes.