Using the KeePassX password manager you can:

  • Store many passwords in an encrypted database which is protected by a single passphrase of your choice.
  • Always use different and stronger passwords, since you only have to remember a single passphrase to unlock the entire database.
  • Generate very strong random passwords.

Create and save a password database

Follow these steps to create a new password database and save it in the persistent volume for use in future working sessions.

To learn how to create and configure the persistent volume, read the documentation on persistence.

  1. When starting Tails, enable the persistent volume.

  2. In the Persistent Volume Assistant, verify that the Personal Data persistence feature is activated. If it is deactivated, activate it, restart Tails, and enable the persistent volume.

  3. To start KeePassX, choose Applications ▸ Accessories ▸ KeePassX.

  4. To create a new password database, choose File ▸ New Database…

  5. The password database is encrypted and protected by a passphrase.

    • Specify a passphrase of your choice in the Password text box, then click OK.
    • Type the same passphrase again in the next dialog, then click OK.
  6. To store the password database in the persistent volume for use in future working sessions:

    • Choose File ▸ Save Database.
    • Enter keepassx in the Name text box.
    • Select Persistent in the list of folders in the left pane.
    • Click Save.

Restore and unlock the password database

Follow these steps to unlock the password database saved in the persistent volume from a previous working session.

  1. When starting Tails, enable the persistent volume.

  2. To start KeePassX, choose Applications ▸ Accessories ▸ KeePassX.

  3. If a password database is found in the persistent volume, a dialog appears and asks for the passphrase to unlock that password database. Enter the passphrase and click OK.

  4. If you enter an invalid passphrase the following error message appears:

    The following error occured while opening the database:
    Hash test failed.
    The key is wrong or the file is damaged.

    Then click OK and try again.

In addition to the password database, you can store your KeePassX settings using the Dotfiles persistence feature. To do so, create the folder /live/persistence/TailsData_unlocked/dotfiles/.config/keepassx/ and copy the file ~/.config/keepassx/config.ini to it.

KeePassX user guide

To read the official KeePassX user guide, choose Help ▸ KeePassX Handbook….