AutoFill saves you time by automatically filling in username and password fields when you log into a website.
Opting for the open source KeePass format, over proprietary solutions like 1Password and LastPass, can sometimes feel like a trade-off between data ownership and convenience. 1Password, LastPass, etc have easy-to-use browser extensions, whilst with KeePass there are various options available of differing quality.
Unfortunately, despite an increasing number of KeePass-compatible iOS apps, there aren’t many good KeePass apps on macOS. This means that autofilling your KeePass passwords can be cumbersome on the Mac.
How To Set Up AutoFill for KeePass on Mac
Most KeePass apps will have some kind of AutoFill solution and this is an important factor to consider when deciding which one to use.
Strongbox is a free and open source KeePass-compatible password manager that provides a great user experience across Mac, iPhone and iPad. We’re biased, but, we believe that Strongbox offers the simplest and most secure way to AutoFill your KeePass passwords on your Mac, whether you’re using Chrome, Firefox, Safari or another compatible browser.
For those who don’t want to use Strongbox we also recommend KeePassXC.
We’ve outlined everything below:
NB: AutoFill support for Strongbox on Mac is only available with Strongbox Pro. You can try out Strongbox Pro for free for 3 months with no obligation to buy. We hope you’ll love it.
Strongbox has official browser extensions for both Chrome and Firefox:
Many other Chromium and Firefox-based browsers also work with the above extensions, including Brave and Microsoft Edge.
For a general overview of how Strongbox works and how to get it set up, check out our Getting Started guide.
AutoFill is enabled on a per-database basis. So, before you can go ahead and make use of the browser extension, you’ll need to enable AutoFill in your database settings. To do this:
- Unlock your database
- Open the Database Settings (Database > Database Settings menu item)
- Navigate to the AutoFill tab
- Make sure the ‘Enable AutoFill for this Database’ box is checked
When you go to log into a website, you will then see a list of all entries in your database that match that URL.
There are also certain settings available within the AutoFill extension in the browser. You can automatically fill the fields as soon as the webpage loads, either with the closest match or only if there’s a single match for that domain, or you can turn this off and manually select an entry from the dropdown that appears when you click into a username or password field.
Strongbox AutoFill for Safari
Strongbox integrates with Apple’s native Password AutoFill on Mac (and iPhone and iPad). This is what enables Strongbox to AutoFill your credentials in Safari.
To enable AutoFill in Safari/macOS, go to System Preferences > Extensions > Password AutoFill and check the box for the Strongbox app.
Wormhole Fill Explained
In the AutoFill settings for your database, there’s an option to enable “Wormhole” fill:
If you enable it, the system level AutoFill can communicate directly with the Strongbox app. This way, AutoFill can determine if your database is already unlocked and save you from having to authenticate twice. If you disable this, you will have to authenticate each time you use AutoFill, even if your database is currently unlocked in the Strongbox app.
The “Wormhole” itself is a dedicated IPC channel that utilises the Secure Enclave on your Mac to keep your credentials secure.
A Quick Note on Security
As well as convenience, security is a concern whenever you decide to share sensitive data from your KeePass database with another app or service, such as your browser.
If you use a well-architected browser extension/AutoFill integration (such as with Strongbox) it is generally more secure to use AutoFill than it would be to copy and paste your passwords manually via your device’s clipboard. This is also true of Strongbox’s integration with the system-level AutoFill on macOS.
In creating the Strongbox browser extension, we have gone above and beyond to make it very difficult for an attacker to intercept your secrets. All traffic is encrypted end-to-end using asymmetric encryption, it uses local, on-device-only IPC (inter-process communication) with no open ports, and the code is open source so you can inspect it yourself on GitHub. You can read more about how the browser extension works here.
Whichever AutoFill solution you choose, make sure that you trust the developer and that your secrets are safe in transit.
What About TOTP codes?
Time-Based One-Time Passwords (TOTPs or OTPs) are codes that are constantly changing at regular time intervals. They usually take the form of a 6-digit number and are a very common method to enable 2FA.
If you have added a TOTP code to an entry in Strongbox, it’s super easy to then AutoFill that code in your browser. Once the username and password have been filled, Strongbox will automatically copy the TOTP to your device’s clipboard. So you can just paste and go.
The step-by-step instructions are:
- Navigate to the website’s login page in your browser
- Select the entry you want to use from the drop down menu
- Click to log in
- When the website prompts you for a TOTP code, simply press paste (CMD + V) and the TOTP code will be filled immediately
AutoFill with KeePassXC as an Alternative to Strongbox
KeePassXC is a free and open source app available on all major platforms, including macOS, Windows and Linux.
In order to use AutoFill with KeePassXC, you need to download their browser extension. At the time of writing, KeePassXC supports Firefox & Chromium based browsers.
Once the extension is installed, open KeePassXC and go to Tools > Settings > Browser Integration. Check the box to Enable Browser integration and then check the browsers that you want to use. After you’ve done this, you’ll need to restart your browser.
Unfortunately, Safari isn’t currently supported. To use KeePassXC with Safari, you’ll need to enable the global Auto-Type feature.
Auto-Type fills the username and password for you by simulating key presses. It’s less convenient than a browser based AutoFill because it requires you to search for the correct entry manually. The advantage however is that it can be used anywhere, including inside of other Mac apps.
To set up Auto-Type, check out this guide.
You don’t need to sacrifice the convenience of AutoFill when you use KeePass on your Mac. If you choose the right KeePass client, you’ll get the benefits of owning your own data and save time by taking advantage of AutoFill. That’s one more reason not to use proprietary password management apps like 1Password.
Strongbox offers a comprehensive AutoFill solution that works across all major browsers on Mac (as well as on iPhone and iPad). KeePassXC is a free option that works across all major browsers except for Safari, with Auto-Type making it possible to still AutoFill in Safari with a few extra steps.
For more information, check our comprehensive guides on AutoFill, as well as how to AutoFill on your iPhone and iPad.