KeePass

KeePass
Password Safe


ABP Project
Project Home Help for ABP Previous Downloads Version History


Help for ABP
Another Backup Plugin (ABP) Frequently Asked Questions Installing and Configuring ABP Using ABP Misusing ABP Atypical Actions Command Line Arguments Backup versus Checkpoint ABP versus DB_Backup Internal Design of ABP Your Feedback Legal Notices


Plugin Development
Plugin Framework for KeePass Test Plugin (PFK)


Get KeePass

Get Another Backup Plugin for KeePass at SourceForge.net. Fast, secure and Free Open Source software downloads

Using ABP

People use KeePass in many different ways. ABP is not intended for all KeePass uses, but only for certain simple (but common) uses described on this page.

Typical ABP User: The typical ABP user keeps all her passwords in a single password database. The password database is generally stored on a portable medium such as a USB flash drive, and accessed through one or more personal computers (PCs), though it could also just be stored on a PC's hard disk. For convenience, KeePass is configured with an initial database, which is ordinarily opened automatically at start-up. The typical ABP user usually just reads the database, applying the passwords to access websites, etc. But occasionally, she edits the database to add a new password entry, or to modify or delete an existing one. Then she saves her changes, thus updating the database. These are the typical actions of the typical ABP user.

Backing Up the Initial Database

Backing Up With ABP: ABP automatically copies the initial database to each configured backup folder at each of the following times:

  • Initial Open Time: The first time the initial database is opened in a KeePass session, if the backup copy is not already up to date.
  • Save Time: After the initial database is saved using the “File” menu “Save” action, or after an implicit save action which may occur when the “Automatically save when closing/locking the database” advanced option is in effect.

By checking at initial open time, ABP assures that each backup copy of the initial database is always up to date, once the database has been opened. By checking after the initial database is opened, rather than before, ABP assures that a possibly-damaged initial database will not overwrite and destroy an undamaged backup copy. Backup copies always have the same file name as the initial database.

Out-Of-Date Backups: A backup copy may be out of date at initial open time for any of the following reasons:

  1. The database (on a portable medium) was last saved on a different PC.
  2. The backup folder could not be accessed during the last save, typically because it is on a remote computer or portable medium that was temporarily unavailable.
  3. The backup configuration for this database was changed since the last session.

Error Processing

Configuration Errors: When a KeePass session begins, ABP parses the command line arguments, checking for the following errors:

  1. Syntactically invalid (that is, unrecognized) arguments beginning with “/backup.”.
  2. Syntactically invalid paths, as determined by the operating system.
  3. Violations of the configuration restrictions.

If an error is found, ABP displays a descriptive warning window. If the error involves a backup path (Errors 2 or 3), this backup path is ignored for the remainder of the KeePass session. The absence of a command line argument is not considered an error of any kind. The absence of a folder in the file system corresponding to a command line argument path is not considered a configuration error. It is a type of access error.

Access Errors: If an attempt to access a backup path fails, either at initial open time or at save time, ABP displays a warning window giving the backup path and the reason for failure. ABP makes no further attempt to access that backup path for the remainder of the KeePass session. Other configured backup paths are unaffected.

Enabling and Disabling Backups

Protocol for Enabling Backups: ABP does not always back up the currently-open password database, but only when backups are enabled. When KeePass starts, backups are enabled or disabled according to the conditions described in Paragraph 1 below. If backups are enabled, certain actions cause backups to become disabled, as described in Paragraph 2 below. Once backups are disabled, they stay disabled for the remainder of the KeePass session.

1. Enabling and Disabling Backups At Start-Up: As part of configuration error processing (above), ABP determines whether there exist command line arguments specifying both an initial database to be opened, and one or more valid backup paths. If both kinds of command line arguments are present, and the initial database is successfully opened, or the KeePass /lock command line option has been specified, backups are enabled. Otherwise, backups are disabled. Disabling backups at start-up is not considered an error, and ABP displays no warning window for this condition. Omission of the needed command line arguments is taken as deliberate intent to not use ABP in this session.

2. Actions Causing Backups To Be Disabled: If backups are enabled, backups become disabled under any of the following circumstances:

  • An attempt is made to open a database using the “File” menu “Open…” action.
  • An attempt is made to create a database using the “File” menu “New…” action.
  • The initial database is closed for any reason other than that the workspace is being locked.
  • The initial database is saved using the “File” menu “Save As…” action.

ABP Status

Basic Status: The basic status of ABP indicates whether backups are enabled or disabled. If backups are enabled but some backup paths cannot be accessed, the basic status also includes how many backup paths can still be accessed. If backups are disabled, the basic status also includes the reason why. Basic status is available at certain times in the rightmost KeePass status bar.

KeePass Status Bar: The basic status of ABP is displayed in the rightmost KeePass status bar when KeePass starts up, after a database is opened or saved, and after any action which could potentially change the status.

Extended Status: If backups are disabled, the extended status is the same as the basic status. If backups are enabled, the extended status begins with the initial database name and path. In addition, for each backup path, the status includes whether the last attempt to backup through the path has been successful. If the last attempt failed, the reason is given. This reason is the same as in a previous access error warning window. The extended status of ABP is available at any time in the status window.

Status Window: The extended status of ABP can be viewed at any time in the status window. To open the status window, first open the Plugins window from KeePass' main window, by selecting “Tools”, and then “Plugins”. In the Plugins window, right-click on the line with AnotherBackupPlugin.dll, and select “Options”.

Configuration Errors: Configuration errors are never displayed in the KeePass status bar or in the status window. Configuration errors, unlike access errors, are session-independent. They cause a warning window to appear every time KeePass starts up, until corrected.

Advanced Topics

Limit to Single Instance: Since the typical ABP user has only a single password database, it is natural to consider using the KeePass “limit to single instance” option, which prevents more than one instance of KeePass from running at the same time. When this option is enabled, if you try to start a second KeePass instance, it is immediately terminated, and the first instance is brought to the foreground. Unfortunately, the single instance option has additional semantics (described in KeePass Help) whose effect disables backups after the second instance has started. Of course, if you don't enable the “limit to single instance” option, there may be conflicts between two instances accessing the same database. The user should carefully consider which behavior is most appropriate to her situation.

Multiple Databases: Although the typical ABP user has only one password database, a PC can be configured so that ABP can back up multiple password databases. Simply create a separate shortcut for each database, and only open each database through its corresponding shortcut. For example, if you have two databases, work.kdb and personal.kdb on your USB flash drive, create a shortcut for each. The backup paths specified in the two shortcuts can even be the same, since the two databases have different file names. In this case, you may not want to enable the “limit to single instance” option.