Clone wiki

KeeCloud / Home

Dropbox Update

New version with support for Dropbox API V2 is now available on the downloads page.

Special thanks to @Jack Zhou for the updated implementation.

IMPORTANT, you'll have to re-link the app to Dropbox with the credential wizard. Any previously linked Dropbox access won't work anymore. There will be no username with the new credentials.

One user has created a great blog post describing the re-sync process. If you don't speak German you can use Google translate. It is well worth it if you are having trouble with Dropbox after the update.


KeeCloud is a simple plugin that adds support to several online file services to the built in URL file access in KeePass. The UI and setup are minimal. It is designed to work with the built in opening/saving/synchronization/trigger options in KeePass without duplicating any of that functionality.

This plugin is released under an MIT License which is compatible with the GNU GPL GNU Compatible License List (referred to as Expat in the GNU GPL compatibility list) that KeePass is released under.


Other Pages

Why use KeeCloud

There are many plugins that add support for opening/syncing/saving files to other locations. Most of these wrap up syncing with the remote database for you, if they even support syncing. That may be great if that is what you want, however, you are limited to syncing with that location through that plugin only or not at all. KeeCloud extends the natural ability of KeePass to open/sync/save to URLs. None of the functionality in KeePass is duplicated. You can set up a trigger to sync with a file on one of the supported services using the built in synchronization process in KeePass. Because KeeCloud registers handlers with KeePass, even other plugins can work with remote files through KeeCloud. You are not limited to the operating on the remote with just the KeeCloud plugin.

KeeCloud also has multiple cloud providers in one plugin see supported services. It is intended to be a one-stop-shop of sorts for internet file stores (though not there yet see Contribute). Its modular architecture makes adding new providers for remote stores easy with all of the harder work of interacting and registering handlers with KeePass done once. This means that we'll try to keep it as thorough as possible.

Why not use KeeCloud

Since we hyped up why KeeCloud is awesome compared to other plugins, it is only fair to point out how it might be lacking compared to others. KeeCloud offers more flexibility with how KeePass interacts with the cloud hosted files. With that flexibility comes more complexity. Some of the other plugins wrap up syncing with the remote DB file fairly seamlessly and simply. They may also provide remote file browsing dialogs to make working with remote files easy. KeeCloud provides none of that. Of course you can sync, but you need to set up how you want to do that. It isn't just set up for you. This plugin is admittedly a bit more complicated to set up (though not a lot.) If you are comfortable setting up triggers to sync with a network file then you shouldn't have any trouble with KeeCloud.

Simply put, KeeCloud is a flexible plugin that adds lots of options for working with files "in the cloud" but it requires you to configure how you want to use those files.


Once the plugin is installed, there are automatically more protocol prefixes that can be used with a URL. KeePass comes with built in support for http(s):// and ftp://. KeeCloud will add other options to that list. The username and password fields will work as appropriate for the specific protocol being used. You can also use a KeePass entry for your credentials if you are syncing. See synchronization credentials

Supported Protocols


One of the protocols that has been added is support for Amazon Simple Storage Service or S3. The protocol prefix is s3://. This information can be entered into the standard Open From URL dialog box in KeePass.


The username should be a valid API key that has access to the specified bucket and file and the password should contain the corresponding secret key.

The URL, username, and password are all entered in like normal, and you can now open, save, or synchronize directly with a file located in Amazon S3!

Alternate Synchronization Credential Entry

See main page synchronization-credentials

One of the most likely use cases for KeeCloud is synchronization with copies of the database in the cloud (see workflows)

In order to aide with this, an alternate credential entry method exists. Instead of entering the credentials into the synchronization form, the title of an entry in KeePass can be used instead. The username and password will be read from that entry and used instead. This allows you to set up triggers without having to save sensitive information (username and password) in the trigger configuration.

Note that this only works for synchronization. This doesn't work for opening new database files even if you have another database open. When you open another database, KeeCloud loses the context of the other open database and can't read the entry anymore so it can't use credentials from there.


See main configuration page.

When possible there is no configuration required and credentials are just entered directly into the 'Open From URL' dialog box. However, most of the cloud APIs require some additional steps. This is due to the popularity of an authentication technology called OAuth.

When using a protocol that is authenticated by OAuth, you don't enter your credentials for your account into the URL dialog box. The service won't accept that. Instead, you use the 'URL Credential Wizard' located in tools. You select the service you want to integrate to then the wizard will open a web browser. You will log into your account and authorize KeeCloud to access your account. Once this is done, the wizard will create a KeePass entry (or just display them for you) that has your credentials for use with the specified service. You can then use those credentials to open or save files to that service by crafting a URL for that service (See Supported Protocols for more instructions). You don't have to go through the wizard every time you want to open a file to that service. You can just modify the URL accordingly to specify a different file.