A Python-module to provide an API to KeePass 1.x files commonly used by KeePassX.

Download as .zip Download as .tar.gz View on GitHub


Actual version of kppy from May 16, 2018: 1.5.0

My main focus has switched to reimplement this project in Rust as it allows me to realize my vision of a secure password manager which is not possible with Python. However I will publish bug fixes and answer bug reports if there are any. As KeePassC is stable and feature-complete this shouldn't be a reason for not using it anymore.

! Due to a bug in KeePassX it is not possible to decrypt databases encrypted with a 64Byte-keyfile. Indeed it's possible to open such a database encrypted by the reference implementation KeePass 1.26 for Windows. !

A Python 2&3-module to provide an API to KeePass v1.x password database files which are also used by the popular KeePassX.


Full Access to KeePass v1.x/KeePassX files:

Some explanation to KeePass databases:


Big API-change with v.1.4.0!



Just type "python install" (or "python3 install") with root rights in the root directory of kppy if all dependecies are fulfilled.


As long as the database is opened with this module, the password is saved as plain text in RAM. Even if the database was closed correctly it is possible that the password lies somewhere in your computer's RAM, it's not possible to prevent this in Python. That is, if your computer is compromised it is possible to dump the password from memory. To prevent some scenarios you could change the working directory of Python to /var/empty on UNIX-like systems while using kppy. A core dump wouldn't be possible unless you're using kppy as root.