Like many applications, Password Safe allows you to configure its behaviour and appearance to best suite your taste and needs. Many applications store such preferences in the Windows "registry", as a matter of convention and convenience. Previous versions of Password Safe used the registry as well, but this has proven to be problematic for the following reasons:
Password Safe has a number of preferences, each with a reasonable default value. When a user changes the configuration to a non-default value, the new value is store by Password Safe.
Password Safe defines preferences as security-related or non-security related. The former are kept in the database, encrypted with the same key as the user's data.
Non-security-related preferences are kept in a configuration file, pwsafe.cfg. This file is in XML format, with sections per host machine and per user, so that the file may be shared between different users, and across different machines.
By default, pwsafe.cfg is kept in the same directory as the pwsafe.exe executable program. If, however, the PWS_PREFSDIR environment variable is set, pwsafe will use the configuration file stored there. This is useful for cases where write permissions to the pwsafe.exe install directory is restricted (See also the description of the -g option in the Command Line Arguments Section).
The following tables describes the configuration items. Most of them are configurable via the "Manage → Options" dialog box. As we use XML to save these valies, field names are case sensitive. Preferences stored in the "pwsafe.cfg" file apply to all open databases. Those stored in the database apply only to that database. In Windows Vista or Windows 7, the pwsafe.cfg file can be found in the following directory: "C:\Users\<username>\AppData\Local\PasswordSafe" and in Windows XP, it can be found in: "C:\Documents and Settings\<username>\Application Data\PasswordSafe". Note both directories may be hidden and Folder Vew properties may need to be modified in order to be able to view it. Obsolete preferences are not listed.
Note that only non-default preference values are stored in the configuration file or database.
Note: Do NOT modify any of the preferences in the pwsafe.cfg file manually, as this may cause unexpected or unpredictable results. Whilst we have made every effort to verify any preference we read in, we cannot guarantee that manually edited values will not cause a problem.
| Preference | Default | Where stored | Comment |
|---|---|---|---|
| AlwaysOnTop | false | pwsafe.cfg | Main window always on top |
| ShowPWDefault | false | database | Password is displayed by default in Add/Edit |
| ShowUsernameInTree | true | database | Username is displayed in Tree View |
| ShowPasswordInTree | false | database | Password is displayed in Tree View (requires Username to be displayed) |
| ShowNotesDefault | false | database | Show Notes in Add and Edit |
| ShowNotesAsToolTipsInViews | false | pwsafe.cfg | Show an entry's Notes as a tool tip in both Tree and List views (only the first 250 characters will be displayed) |
| SortAscending | true | database | The last sort direction in List View (ascending or descending) |
| UseDefaultUser | false | database | Use the default user text preference when adding a new entry |
| SaveImmediately | true | database | Save database after every Add or Edit |
| PWUseLowercase | true | database | Password generation policy - use lower case characters |
| PWUseUppercase | true | database | Password generation policy - use upper case characters |
| PWUseDigits | true | database | Password generation policy - use numbers |
| PWUseSymbols | true | database | Password generation policy - use symbols |
| PWUseHexDigits | false | database | Password generation policy - generate a password with only hexadecimal characters (always an even number) |
| PWUseEasyVision | false | database | Password generation policy - use Easy-Vision characters so that one character isn't mistaken for another e.g. number 0 (zero) and letter O (capital O) etc. |
| PWMakePronounceable | false | database | Password generation policy - convert generated passwords to be more pronounceable |
| dontaskquestion | false | pwsafe.cfg | Don't ask for confirmation when copying password to clipboard |
| deletequestion | false | pwsafe.cfg | Don't ask for confirmation when deleting a single entry |
| DatabaseClear | false | pwsafe.cfg | Lock database on minimize, which implies clear database from memory |
| QuerySetDef | true | pwsafe.cfg | Ask user each time they add an entry whether to use the Username for all new entries |
| UseNewToolbar | true | pwsafe.cfg | Use New or Classic toolbar |
| UseSystemTray | true | pwsafe.cfg | Put Password Safe icon in Windows System Tray |
| LockOnWindowLock | true | pwsafe.cfg | Lock Password Safe database when the user locks their Windows session |
| EscExits | true | pwsafe.cfg | The ESC key will close the database and exit Password Safe (if the System Tray is not being used) |
| HotKeyEnabled | false | pwsafe.cfg | True if the user has defined a Hot Key to get quick access to Password Safe |
| MRUOnFileMenu | true | pwsafe.cfg | Most recently used databases are shown in the File menu or in in their own sub-menu from the File menu |
| MaintainDateTimeStamps | false | database | Entry last access times are recorded, if the database is in Read/Write mode |
| SavePasswordHistory | false | database | Save entry's old passwords when a new password is assigned |
| BackupBeforeEverySave | true | pwsafe.cfg | Rename current database following the Backup settings before saving any changes to it |
| PreExpiryWarn | false | pwsafe.cfg | Warn user on database open if there are any entries with expired or soon to expire passwords |
| ExplorerTypeTree | false | pwsafe.cfg | Show groups first in tree view |
| ListViewGridLines | false | pwsafe.cfg | Show grid lines in list view |
| MinimizeOnAutotype | true | pwsafe.cfg | Minimize Password Safe during AutoType. Database may also be locked depending on the setting to lock it on minimize |
| ShowToolbar | true | pwsafe.cfg | Show Toolbar |
| ShowDragbar | true | pwsafe.cfg | Show Dragbar |
| ShowFindToolBarOnOpen | true | pwsafe.cfg | Show the Find toolbar when Password Safe starts. This is determined by the state of this toolbar when Password Safe was last ended |
| DefaultOpenRO | false | pwsafe.cfg | By default, set the Read-Only checkbox during the open of databases |
| MultipleInstances | true | pwsafe.cfg | Allow multiple instances of password Safe to be started. Chnage this value will require Password Safe to be restarted to take effect. |
| ClearClipboardOnMinimize | true | pwsafe.cfg | Clear the clipboard of Password Safe information on minimize |
| ClearClipboardOnExit | true | pwsafe.cfg | Clear the clipboard of Password Safe information when Password Safe ends |
| NotesWordWrap | true | pwsafe.cfg | Note will be wrapped in its display area during Add/Edit |
| LockDBOnIdleTimeout | true | database | Lock database if the user has not used the PC for a number of minutes. See "IdleTimeout" integer preference for the threshold value in minutes |
| HighlightChanges | true | pwsafe.cfg | Highlight changed unsaved entries in blue |
| HideSystemTray | false | pwsafe.cfg | Hide the Password Safe System tray icon. Only able to be set if the user has already set a Hot Key |
| UsePrimarySelectionForClipboard | false | pwsafe.cfg | Determine which clipboard to use (Linux only) |
| CopyPasswordWhenBrowseToURL | false | database | Copy the entry's password to the clipboard when invoking the entry's "Browse to URL" |
| Preference | Default | Where stored | Min | Max | Comment |
|---|---|---|---|---|---|
| column1width | n/a | pwsafe.cfg | n/a | n/a | The width of the first column in the List View when Password Safe was last exited |
| column2width | n/a | pwsafe.cfg | n/a | n/a | The width of the second column in the List View when Password Safe was last exited |
| column3width | n/a | pwsafe.cfg | n/a | n/a | The width of the third column in the List View when Password Safe was last exited |
| column4width | n/a | pwsafe.cfg | n/a | n/a | The width of the fourth column in the List View when Password Safe was last exited |
| sortedcolumn | 0 | pwsafe.cfg | 0 | 15 | Previous column used to sort the List View |
| PWDefaultLength | 12 | database | 4 | 1024 | Default password length |
| maxmruitems | 4 | pwsafe.cfg | 0 | 20 | Number of most recently used databases saved in the File menu |
| IdleTimeout | 5 | database | 1 | 120 | Threshold in minutes to determine whether to lock Password Safe due to inactivity |
| DoubleClickAction | Copy Password | pwsafe.cfg | n/a | n/a | See Help entry DCA Values export |
| HotKey | none | pwsafe.cfg | n/a | n/a | The Hot Key value. (This is stored as a decimal integer created from the virtual keycode for the character in the lower word plus the Microsoft Foundation Class CHotKeyCtrl modifier flags in the higher word.) |
| MaxREItems | 25 | pwsafe.cfg | 0 | 25 | Maximum number of "Recent used entries" to be saved in the database and displayed from the System Tray icon to allow quick access |
| TreeDisplayStatusAtOpen | AllCollapsed | database | n/a | n/a | Values are: AllCollapsed, AllExpanded or AsPerLastSave |
| NumPWHistoryDefault | 3 | database | 0 | 255 | How many passwords to keep in an entry's password history field |
| BackupSuffix | 0 | pwsafe.cfg | n/a | n/a | Values are: None, datetime or an incremental number |
| BackupMaxIncremented | 1 | pwsafe.cfg | 1 | 999 | Only valid if an incremental number is used for the BackupSuffix |
| PreExpiryWarnDays | 1 | pwsafe.cfg | 1 | 30 | When to warn on about-to-expire passwords |
| ClosedTrayIconColour | 0 | pwsafe.cfg | 0 | 0 | Change the colour of the closed database Password Safe icon in the System Tray. 0 = Black, 1 - Blue, 2 = White and 3 = Yellow |
| PWDigitMinLength | 0 | database | 0 | 1024 | Default minimum number of digits in a generated password |
| PWLowercaseMinLength | 0 | database | 0 | 1024 | Default minimum number of lower case characters in a generated password |
| PWUppercaseMinLength | 0 | database | 0 | 1024 | Default minimum number of upper case characters in a generated password |
| PWSymbolMinLength | 0 | database | 0 | 1024 | Default minimum number of symbols in a generated password |
| OptShortcutColumnWidth | 92 | pwsafe.cfg | 10 | 512 | Size of the columns in the Manage → Options → Shortcuts tab |
| ShiftDoubleClickAction | Copy Password | pwsafe.cfg | n/a | n/a | See Help entry DCA Values export |
| Preference | Default | Where stored | Comment |
|---|---|---|---|
| currentbackup | <none> | pwsafe.cfg | Path and name of last backup file |
| currentfile | <none> | pwsafe.cfg | Currently (i.e., last) opened file |
| lastview | tree | pwsafe.cfg | Last view selected: Tree or List view ("tree" or "list") |
| DefaultUsername | <none> | database | Default value for the Username field when creating new entries |
| treefont | <none> | pwsafe.cfg | Information about the font used in the Tree View |
| PasswordFont | <none> | pwsafe.cfg | Information about the font used to display the password |
| BackupPrefixValue | <none> | pwsafe.cfg | Usually the current database name is used to prefix any backup file names. This can be overridden using this preference |
| BackupDir | <none> | pwsafe.cfg | Usually the database backup is stored in the same directory as the database. This can be overridden using this preference |
| AltBrowser | <none> | pwsafe.cfg | Full path to an alternate browser |
| ListColumns | <none> | pwsafe.cfg | Non-default column order in List View. Note the list of comma separated column numbers reflect internal numbering of the fields and should not be edited manually |
| ColumnWidths | <none> | pwsafe.cfg | Non-default column widths inList View |
| DefaultAutotypeString | \u\t\p\t\n | database | The database's default AutoType string. Note that each entry may override this value |
| AltBrowserCmdLineParms | <none> | pwsafe.cfg | Special command line parameters for the alternate browser, if specified |
| MainToolBarButtons | <none> | pwsafe.cfg | A list of the Toolbar buttons and their order as customised by the user. A separator is shown as a ~ |
| TreeListSampleText | "AaBbYyZz 0O1IlL" | pwsafe.cfg | Sample text to use when deciding what font to be used in the Tree View |
| PswdSampleText | "AaBbYyZz 0O1IlL" | pwsafe.cfg | Sample text to use when deciding what font to be used to display passwords |
| VKSampleText | "AaBbYyZz 0O1IlL" | pwsafe.cfg | Sample text to use when deciding what font to be used in the Virtual Keyboard |
| VKeyboardFontName | <none> | pwsafe.cfg | Name of the Unicode font to be used to display all characters used in the Virtual Keyboard. This includes both Latin and non-Latin characters |
| LastUsedKeyboard | <none> | pwsafe.cfg | Save the code of the last Virtual Keyboard used |
| AltNotesEditor | <none> | pwsafe.cfg | Full path to a text editor to be used to edit an entry's Notes field rather than the Windows default application. |
| LanguageFile | <none> | pwsafe.cfg | The code of last language file used by the user. It is in the form "LL" or "LL_CC", where LL = ISO 639-1 two-character Language code e.g. EN, FR, DE, HE... see http://www.loc.gov/standards/iso639-2/ and CC = ISO 3166-1 two-character Country code e.g. US, GB, FR, CA... see http://www.iso.org/iso/en/prods-services/iso3166ma/index.html |
| DefaultSymbols | <none> | database | The default list of symbols to be used when generating a password with symbols. Note: each entry may override this value. |