KeePass’ auto-type feature vs. browser’s password manager

adminother0 Comment
5 min. reading

I personally adore KeePass! But… mainly not for being my private Fort Knox and my single source of all passwords. As I can have the same with every browser’s password manager. What is an absolutely fabulous feature of KeePass, is its powerful auto-type mechanism.

Not only, this is easier and more convenient, but — the most important — it is by far, much, much more safe (see details later into this article)!

Now, the biggest problem is that I also have and I am also using password manager in my browser (similarly beloved Microsoft Edge; screw you Google!). And when I press Ctrl+U to open corresponding URL in a browser, I have login field already prefilled. Usually with an incorrect login, as I have a lot of account saved for every web service in my password manager.

Fortunately, there’s a solution even for this.

Auto-type feature

First, let’s talk about this feature, in case you haven’t heard about it.

I can store a login a password and an URL within KeePass’ item. Just like in password manager in every browser. But, what I cannot do in any browser is to ask it to type everything for me.

In KeePass, I press:

  • Ctrl+U (open corresponding URL in default / selected browser)
  • (optionally click Login field, if it is not highlighted)
  • Alt+Tab (switch back to KeePass)
  • Ctrl+V (auto-type password into browser)

And that is all.

This method, as previously mentioned is way safer! As KeePass is transferring your password letter-by-letter instead of passing entire password into the clipboard (screw you all the memory scanners!). And it also uses special Windows’ API instead of using real keyboard emulation (screw you all the keyloggers!).

“Collision” with browser’s password manager

To get rid of the problem that (upon opening a website) login field can be already pre-filled by password manager, all you have to do, is to transfer Ctrl+A key-press-sequence before pasting login.

But, there is a small glitch.

Help says that typing Ctrl+something in the middle of sequence should work:

{USERNAME}{TAB}^v{ENTER}
Types the user name, presses Tab, presses Ctrl+V (which pastes data from the Windows clipboard in most applications), and presses Enter.

But… as I have discovered… it does not work at all in the beginning of the auto-type sequence.

Solution to the problem

As suggested by Paul, the solution is as simple as either transferring some fake character in the beginning:

X^a{USERNAME}{TAB}{PASSWORD}{ENTER}

(that character will be removed (along with all others) by KeePass with selecting the entire field (^aCtrl+A) and actually pasting the login)

Or you can simply ask KeePass to hold a part of second before selecting the whole field:

{DELAY 200}^a{USERNAME}{TAB}{PASSWORD}{ENTER}

Either way will work.

Global auto-type sequence

In KeePass you can have (narrowing top → bottom):

  • Default auto-type sequence used always (for every database) when any of the below is not used
  • Global auto-type sequence that is used always in given database, if any of the below is not used
  • Per-branch auto-type sequence
  • Per-single item auto-type sequence

It always goes bottom → up:

  • If single item doesn’t have a custom auto-type, it inherits it from its branch (group, folder)
  • If group or folder does not have it, it inherits from its group or folder
  • …all the way up the tree…
  • If top branch does not have a custom auto-type sequence, it inherits from database settings
  • If database does not have custom sequence, it inherits it from KeePass settings.

Now, I have assumed that:

  • All passwords stored in single database can “collide” with similar entries in browser’s password manager
  • There still can be some library that stores passwords not used at all in browser, so we don’t want to modify KeePass settings.

Therefore, I have decide to set a custom auto-type sequence per library:

After doing the same for your database, every auto-type that you trigger (with Ctrl+V) will be first selecting content of the active field (by transferring Ctrl+A in the beginning of sequence).

Where to go next?

I don’t have that particular example handy here, but I remember that on some really weird page I did magic like “pressing” (transferring in sequence) many, many Tabs, Enters etc. in order to automate login process.

As Help says auto-type is a really powerful feature of KeePass. With some time and bright mind you can do really, really magic with it.

Leave a Reply