Integration with KeePass

I don’t know how secure this app is so forgive me if this isn’t a valiad concern, but I am wondering if it would be possible to store the passwords in a KeePass database like the keeweb app does. That would provide security as the KeePass databases are encrypted and would provide integration with existing KeePass apps.

The passwords app for Nextcloud does not support KeePass files. I don’t think there is much use in adding that support for several reasons:

  • There is already an app for KeePass files
  • The passwords app provides an API which is used by the webinterface in Nextcloud and all apps & extensions to fetch and store passwords encrypted in the Nextcloud database. Supporting KeePass files while also keeping the API would mean that the file needs do be read on the server and the master key needs to be known to the server. That’s insecure.
  • Not using the API would make this option incompatible with any of our extensions and apps and users would be confused by this.
  • The functionality provided by KeePass is different. Not all functions available within the passwords app can be provided using KeePass files.
  • There would probably also a lot of confusion about the general usage of this feature. For example when users open a KeePass file with the app and save some passwords. Then they open the passwords app via the icon and the data from the KeePass file is gone because they’re now using the normal database.

About security: The passwords app offers strong client side encryption with a master password. Using this encryption will provide you the best encryption possible with libsodium. All details about our client side encryption / e2e can be found in the developer documentation.

Thanks for that detailed explanation! Food for thought, you can always use Passwords + use Keepass as well for those credentials you’d rather access from that portable database.


I see the issue that my thought has. Maybe something that can be done for those who have existing keepass databases is have an option to manually synchronize with a keepass databases, providing the benefits of both apps. I would look at implementing it myself, but I have to many projects already.

I did not want to move all of my Keepass data to the NC app so I just save the Keepass database to my NC instance. It’s encrypted so doubly safe. And, it gets synced automatically by NC.

1 Like

I successfully imported keepass .kdbx database by opening it KeepassXC (on linux if that matters) and exporting it as csv, then import as KeepassX csv in Passwords app. It misses few extra attachments from .kdbx such as text files with 2FA backup codes etc, but all the passwords and rest of the most important stuff is there.

I previously exported the .kdbx in Keepass windows app as .csv, however that failed to import as either KeepassX .csv or custom .csv