Password Managers

[mc2fool]

OK!

What I have is six triggers. Most of it is independent of file names and locations, as it uses KeePass placeholders for most of them ({DB_PATH}, {DB_NAME}, etc), but there are a few things you'll need to change, which I'll highlight as we go along.

On Init occurs on Application initialized and adds the custom buttons BackupDB, SyncDB and AutoSyncOff to the Keepass toolbar.

Auto Sync occurs on Application started and ready or Saved database file events and Synchronizes the active database with one with the same name on Z:\data\ (if that exists), which is the location of the LAN SMB served "hub" copy; you will need to change this in the conditions and actions of the trigger for your setup.

AutoSyncOff Button occurs on clicking the AutoSyncOff button and turns off Auto Sync above (so you can make changes and saves without it syncing), and replaces the AutoSyncOff button with an AutoSyncOn button.

AutoSyncOn Button occurs on clicking the AutoSyncOn button and turns on Auto Sync above, and replaces the AutoSyncOn button with an AutoSyncOff button.

SyncDB Button occurs on clicking the SyncDB button and:
(a) Synchronizes the active database with one with the same name on Z:\data\ (location of the LAN SMB served "hub" copy)
(b) copies the (synced) active database to C:\Users\me\Sync\Phone\ (encrypted cloud storage used by my Android phone)
(c) ensures that when done Auto Sync is turned on and the AutoSyncOff button is on the toolbar.

Backup DB on open or BackupDB button occurs on Opened database file or on clicking the BackupDB button and:
(a) copies the active database into a sub-folder of the folder the database is in, \OnOpenBackups\, with the same name but a file extension of the current date & time ({DT_SIMPLE})
(b) trims (deletes) those database backups in \OnOpenBackups\ down to the most recent 15.
(c) copies the active database to C:\Users\me\Sync\Phone\

Here's the code. You get it into KeePass by copying it and then using Tools - Triggers - Tools - Paste Triggers from Clipboard. Personally I'd recommend first pasting it into Notepad and saving it. You can either make the necessary changes in Notepad before pasting it all into KeePass or put it into KeePass and make the changes through the interface there.

Whichever way you go take a backup of your DB first (!) and make sure you start off with Enable trigger system turned off until you are confident you have everything in place. You'll need to copy your existing DB to the sync hub location (Z:\data\) before you start, and also have your \OnOpenBackups\ and C:\Users\me\Sync\Phone\ folders in place (or you can remove those actions if you don't want them).

Code: Select all

<?xml version="1.0" encoding="utf-8"?>
<TriggerCollection xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <Triggers>
      <Trigger>
         <Guid>GjViwVV6iE68pqRKcDCsmQ==</Guid>
         <Name>Auto Sync</Name>
         <Events>
            <Event>
               <TypeGuid>2PMe6cxpSBuJxfzi6ktqlw==</TypeGuid>
               <Parameters />
            </Event>
            <Event>
               <TypeGuid>s6j9/ngTSmqcXdW6hDqbjg==</TypeGuid>
               <Parameters>
                  <Parameter>0</Parameter>
                  <Parameter>{DB_PATH}</Parameter>
               </Parameters>
            </Event>
         </Events>
         <Conditions>
            <Condition>
               <TypeGuid>y0qeNFaMTJWtZ00coQQZvA==</TypeGuid>
               <Parameters>
                  <Parameter>Z:\data\{DB_NAME}</Parameter>
               </Parameters>
               <Negate>false</Negate>
            </Condition>
         </Conditions>
         <Actions>
            <Action>
               <TypeGuid>tkamn96US7mbrjykfswQ6g==</TypeGuid>
               <Parameters>
                  <Parameter />
                  <Parameter>0</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>Iq135Bd4Tu2ZtFcdArOtTQ==</TypeGuid>
               <Parameters>
                  <Parameter>Z:\data\{DB_NAME}</Parameter>
                  <Parameter />
                  <Parameter />
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>tkamn96US7mbrjykfswQ6g==</TypeGuid>
               <Parameters>
                  <Parameter />
                  <Parameter>1</Parameter>
               </Parameters>
            </Action>
         </Actions>
      </Trigger>
      <Trigger>
         <Guid>6zd5W143OUmIw2ciB32i4g==</Guid>
         <Name>On Init</Name>
         <Events>
            <Event>
               <TypeGuid>1M7NtUuYT/KmqeJVJh7I6A==</TypeGuid>
               <Parameters />
            </Event>
         </Events>
         <Conditions />
         <Actions>
            <Action>
               <TypeGuid>lYGPRZlmSYirPoboGpZoNg==</TypeGuid>
               <Parameters>
                  <Parameter>BackupDB</Parameter>
                  <Parameter>BackupDB</Parameter>
                  <Parameter>Backup the database</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>lYGPRZlmSYirPoboGpZoNg==</TypeGuid>
               <Parameters>
                  <Parameter>SyncDB</Parameter>
                  <Parameter>SyncDB</Parameter>
                  <Parameter>Synchronize the database (turns Auto Sync On)</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>lYGPRZlmSYirPoboGpZoNg==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOff</Parameter>
                  <Parameter>AutoSyncOff</Parameter>
                  <Parameter>Turn Auto Sync Off</Parameter>
               </Parameters>
            </Action>
         </Actions>
      </Trigger>
      <Trigger>
         <Guid>//3Gwe+1uk6CRX88uMCTcw==</Guid>
         <Name>Backup DB on open or BackupDB button</Name>
         <Events>
            <Event>
               <TypeGuid>5f8TBoW4QYm5BvaeKztApw==</TypeGuid>
               <Parameters>
                  <Parameter>0</Parameter>
                  <Parameter />
               </Parameters>
            </Event>
            <Event>
               <TypeGuid>R0dZkpenQ6K5aB8fwvebkg==</TypeGuid>
               <Parameters>
                  <Parameter>BackupDB</Parameter>
               </Parameters>
            </Event>
         </Events>
         <Conditions />
         <Actions>
            <Action>
               <TypeGuid>2uX4OwcwTBOe7y66y27kxw==</TypeGuid>
               <Parameters>
                  <Parameter>%comspec%</Parameter>
                  <Parameter>/c copy "{DB_PATH}" "{DB_DIR}\OnOpenBackups\{DB_BASENAME}.{DT_SIMPLE}"</Parameter>
                  <Parameter>True</Parameter>
                  <Parameter>1</Parameter>
                  <Parameter />
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>2uX4OwcwTBOe7y66y27kxw==</TypeGuid>
               <Parameters>
                  <Parameter>%comspec%</Parameter>
                  <Parameter>/c for /f "skip=15 tokens=*" %X in ('dir "{DB_DIR}\OnOpenBackups\{DB_BASENAME}.*" /b /o:-d') do del "{DB_DIR}\OnOpenBackups\%X"</Parameter>
                  <Parameter>True</Parameter>
                  <Parameter>1</Parameter>
                  <Parameter />
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>2uX4OwcwTBOe7y66y27kxw==</TypeGuid>
               <Parameters>
                  <Parameter>%comspec%</Parameter>
                  <Parameter>/c copy "{DB_PATH}" "C:\Users\me\Sync\Phone\{DB_NAME}"</Parameter>
                  <Parameter>False</Parameter>
                  <Parameter>1</Parameter>
                  <Parameter />
               </Parameters>
            </Action>
         </Actions>
      </Trigger>
      <Trigger>
         <Guid>J+eXnsOuDEOhQOLwo1D+kw==</Guid>
         <Name>SyncDB Button</Name>
         <Events>
            <Event>
               <TypeGuid>R0dZkpenQ6K5aB8fwvebkg==</TypeGuid>
               <Parameters>
                  <Parameter>SyncDB</Parameter>
               </Parameters>
            </Event>
         </Events>
         <Conditions />
         <Actions>
            <Action>
               <TypeGuid>tkamn96US7mbrjykfswQ6g==</TypeGuid>
               <Parameters>
                  <Parameter>Auto Sync</Parameter>
                  <Parameter>0</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>Iq135Bd4Tu2ZtFcdArOtTQ==</TypeGuid>
               <Parameters>
                  <Parameter>Z:\data\{DB_NAME}</Parameter>
                  <Parameter />
                  <Parameter />
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>2uX4OwcwTBOe7y66y27kxw==</TypeGuid>
               <Parameters>
                  <Parameter>%comspec%</Parameter>
                  <Parameter>/c copy "{DB_PATH}" "C:\Users\me\Sync\Phone\{DB_NAME}"</Parameter>
                  <Parameter>False</Parameter>
                  <Parameter>1</Parameter>
                  <Parameter />
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>1m1BomyyRLqkSApB+glIeQ==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOn</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>1m1BomyyRLqkSApB+glIeQ==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOff</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>lYGPRZlmSYirPoboGpZoNg==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOff</Parameter>
                  <Parameter>AutoSyncOff</Parameter>
                  <Parameter>Turn Auto Sync Off</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>tkamn96US7mbrjykfswQ6g==</TypeGuid>
               <Parameters>
                  <Parameter>Auto Sync</Parameter>
                  <Parameter>1</Parameter>
               </Parameters>
            </Action>
         </Actions>
      </Trigger>
      <Trigger>
         <Guid>fwAohuBmrkqIhj0JgiWckA==</Guid>
         <Name>AutoSyncOn Button</Name>
         <Events>
            <Event>
               <TypeGuid>R0dZkpenQ6K5aB8fwvebkg==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOn</Parameter>
               </Parameters>
            </Event>
         </Events>
         <Conditions />
         <Actions>
            <Action>
               <TypeGuid>1m1BomyyRLqkSApB+glIeQ==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOn</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>lYGPRZlmSYirPoboGpZoNg==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOff</Parameter>
                  <Parameter>AutoSyncOff</Parameter>
                  <Parameter>Turn Auto Sync Off</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>tkamn96US7mbrjykfswQ6g==</TypeGuid>
               <Parameters>
                  <Parameter>Auto Sync</Parameter>
                  <Parameter>1</Parameter>
               </Parameters>
            </Action>
         </Actions>
      </Trigger>
      <Trigger>
         <Guid>s48t/QoOT0eOAIB8rGE8Ew==</Guid>
         <Name>AutoSyncOff Button</Name>
         <Events>
            <Event>
               <TypeGuid>R0dZkpenQ6K5aB8fwvebkg==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOff</Parameter>
               </Parameters>
            </Event>
         </Events>
         <Conditions />
         <Actions>
            <Action>
               <TypeGuid>1m1BomyyRLqkSApB+glIeQ==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOff</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>lYGPRZlmSYirPoboGpZoNg==</TypeGuid>
               <Parameters>
                  <Parameter>AutoSyncOn</Parameter>
                  <Parameter>AutoSyncOn</Parameter>
                  <Parameter>Turn Auto Sync On</Parameter>
               </Parameters>
            </Action>
            <Action>
               <TypeGuid>tkamn96US7mbrjykfswQ6g==</TypeGuid>
               <Parameters>
                  <Parameter>Auto Sync</Parameter>
                  <Parameter>0</Parameter>
               </Parameters>
            </Action>
         </Actions>
      </Trigger>
   </Triggers>
</TriggerCollection>


My backups .bat file necessarily needs a more diddling ... what this does is copy my active database, C:\Users\me\KPDB\KPDB.kdbx (it's not really called that ) to KPDB-%COMPUTERNAME%-Backup-%DOW%.kdbx where DOW is the day of the week the .bat runs (0 = Sun, 1 = Mon, etc), and it does so both to the same folder as the DB is in and to the LAN SMB location, Z:\data\ (after making sure it's mounted).

So, I have rolling 7 day backups of the desktop and laptop DBs on their respective machines, and of both on the LAN SMB drive. (And they're in File History, and in daily Macrium backups, and in end to end encrypted cloud storage for off-site backup )

On my desktop, which gets booted in the morning and shutdown in the evening, I run the .bat at system startup, and on the laptop I use a scheduled task to run it once a day.

Code: Select all

@echo off
FOR /F "skip=1" %%A IN ('wmic path win32_localtime get dayofweek') DO (
  if %%A GEQ "0" set DOW=%%A
)
:loop
if exist z:\data\ goto docopy
net use Z: \\router\share /persistent:yes
timeout 2 > nul
goto loop
:docopy
copy /B /Y "C:\Users\me\KPDB\KPDB.kdbx" "C:\Users\me\KPDB\KPDB-%COMPUTERNAME%-Backup-%DOW%.kdbx"
copy /B /Y "C:\Users\me\KPDB\KPDB.kdbx" "Z:\data\KPDB-%COMPUTERNAME%-Backup-%DOW%.kdbx"
copy /B /Y "C:\Users\me\KPDB\KPDB.kdbx" "C:\Users\me\Sync\Phone\KPDB.kdbx"

Enjoy!

[kiloran]

OK!

What I have is six triggers. Most of it is independent of file names and locations, as it uses KeePass placeholders for most of them ({DB_PATH}, {DB_NAME}, etc), but there are a few things you'll need to change, which I'll highlight as we go along.

snip snip snip.....

Enjoy!

Many thanks! I've bookmarked this.... looks like a project for a rainy winter's day!

--kiloran

[mc2fool]

Many thanks! I've bookmarked this.... looks like a project for a rainy winter's day!

Depends on if you're already familiar with Keepass triggers and placeholders, etc, and if you actually want to understand what's going on.

Someone with a techie mindset could fairly quickly just edit it to use as is in their own environment without any detailed understanding.

Actually understanding is not as bad as it looks when you import it into and look at the triggers in Keepass, and the help is pretty useful.

While you can edit user strings, like file paths, etc, in the XML in Notepad, the XML is really meant only for export-import and is otherwise incomprehensible ... gobbledygook guids instead of readable value strings, specific order unnamed parameters, etc.....don't bother!

[Itsallaguess]

So, I have rolling 7 day backups of the desktop and laptop DBs on their respective machines, and of both on the LAN SMB drive. (And they're in File History, and in daily Macrium backups, and in end to end encrypted cloud storage for off-site backup ...

Bravo that man!

Great write-up, so thanks for taking the time to go into so much detail.

On the specific aspect of your 'encrypted cloud storage', I seem to remember a thread some time ago where you were testing out a couple of the free options, but for the sake of completeness in this thread could you please detail where you ended up with that, and why the solution you ultimately chose was the most appropriate one for you, and how it's integrated into your day-to-day working, including this Keepass application?

Cheers,

Itsallaguess

[colw]

Used roboform for many years no issues.

[mc2fool]

On the specific aspect of your 'encrypted cloud storage', I seem to remember a thread some time ago where you were testing out a couple of the free options, but for the sake of completeness in this thread could you please detail where you ended up with that, and why the solution you ultimately chose was the most appropriate one for you, and how it's integrated into your day-to-day working, including this Keepass application?

I went for http://www.sync.com and am quite happy with it. It's zero knowledge end to end encryption, open source, 5GB for free, with company and servers in Canada. I use their Windows and Android clients and they also have Mac and IOS ones. No unix client but, of course, you can use it via a browser from any O/S.

I wanted simplicity and to not have files encrypted on my local disks (and also hence in File History, Macrium backups, etc). Sync.com is really pretty much just like Google Drive, except encrypted. It creates a folder C:\Users\you\Sync and that folder (and subfolders, etc) gets synced by the client (sitting in the taskbar) up to the servers and from there to other devices running the client, with encryption/decryption happening locally on the fly while up/downloading.

I keep pretty much all of my personal files, docs, spreadsheets, etc in that folder tree, using it as my "Documents" library instead of the Windows one. (I also still use Google Drive for some less personal stuff.)

While the vast majority of the stuff in the Sync folder trees is used and/or edited on both my desktop and laptop (and very selectively used on my phone) I did also create a couple of computer specific sub-folders, like C:\Users\you\Sync\Desktop & C:\Users\you\Sync\Laptop (actually they're named %COMPUTERNAME% so I can use non-system specific .bat files etc), and I treat those as local-but-with-offsite-backup folders, and that's where I keep my active KeePass database for each respective PC (and the aforementioned rolling backups too).

The contents of those computer specific sub-folders are only every modified from their respective systems, and so those folders are in effect used as local folders but with automatic off site storage, rather than for syncing to other systems, per se. Sync.com does versioning as well, so as well as all of the other backups of the KeePass databases I have, I can roll back to an earlier version ... just checked and see that they're holding ~350 versions of my desktop KP DB going back to November last year! (And those don't count against the 5GB.)

Of course, Sync.com will sync those to the other system (although I could set it not to), and that's useful should I ever need to look at the desktop's DB from the laptop or vice-versa, but their primary purpose is offsite backup....

[Itsallaguess]

I went for http://www.sync.com and am quite happy with it. It's zero knowledge end to end encryption, open source, 5GB for free, with company and servers in Canada. I use their Windows and Android clients and they also have Mac and IOS ones. No unix client but, of course, you can use it via a browser from any O/S.

I wanted simplicity and to not have files encrypted on my local disks (and also hence in File History, Macrium backups, etc). Sync.com is really pretty much just like Google Drive, except encrypted. It creates a folder C:\Users\you\Sync and that folder (and subfolders, etc) gets synced by the client (sitting in the taskbar) up to the servers and from there to other devices running the client, with encryption/decryption happening locally on the fly while up/downloading

Thanks for such a comprehensive answer, especially after you've been round the buoy on a number of other online sync options as well....

It really is amazing what can be done with a few freely available options nowadays, especially when paired with some clever scripting, as you've shown.

Like kiloran, I will be looking to implement some (or all!) of these tips, as it's clear to me that as a keen Keepass user, I'm nowhere near to taking advantage of the current backup and sync options available to me that would really update my current manual methods, as well as opening the possibility of me using the Keepass tool on a wider number of my devices, whilst still maintaining a high degree of security....

Thanks again, much appreciated - especially to have such useful detail available in a single thread.

Cheers,

Itsallaguess