PasswordSafe Preferences


Like many applications, PasswordSafe allows you to configure its behaviour and appearance to best suite your taste and needs. Many applications store such preferences in the Windows "registry", as a matter of convention and convenience. Previous versions of PasswordSafe used the registry as well, but this has proven to be problematics for the following reasons:
1. Some of the configurable preferences are security related, and storing them in an open repository such as the Windows registry may enable an attacker to gain access to the database (for example, if the attacker were to disable the locking of the database after an inactivity timeout, the user would assume the database was safely locked while out to lunch, whereas the attacker could then access it at her convenience).
2. Many people are using PasswordSafe from a disk-on-key or otherwise sharing the same database across several machines. It's impractical to share the configuration data in a registry in such a manner.

PasswordSafe has a number of preferences, each with a reasonable default value. When a user changes the configuration to a non-default value, the new value is store by PasswordSafe.
PasswordSafe defines preferences as security-related or non-security related. The former are kept in the database, encrypted with the same key as the user's data.
Non-security-related preferences are kept in a configuration file, pwsafe.cfg. This file is in XML format, with sections per host machine and per user, so that the file may be shared between different users, and across different machines.
By default, pwsafe.cfg is kept in the same directory as the pwsafe.exe executable program. If, however, the PWS_PREFSDIR environment variable is set, pwsafe will use the configuration file stored there. This is useful for cases where write permissions to the pwsafe.exe install directory is restricted.

The following tables describes the configuration items. Most of them are configurable via the Manage->Options dialog box.

Boolean (true/false) preferences

Preference Default Where stored Comment
alwaysontop false pwsafe.cfg Main window alway on top
showpwdefault false database
showpwinlist false database
sortascending true database
usedefuser false database
saveimmediately true database
pwuselowercase true database Password generation policy
pwuseuppercase true database Password generation policy
pwusedigits true database Password generation policy
pwusesymbols false database Password generation policy
pwusehexdigits false database Password generation policy
pweasyvision false database Password generation policy
dontaskquestion false pwsafe.cfg
deletequestion false pwsafe.cfg
DCShowsPassword false pwsafe.cfg
DontAskMinimizeClearYesNo true pwsafe.cfg
DatabaseClear false pwsafe.cfg
DontAskSaveMinimize false pwsafe.cfg
QuerySetDef true pwsafe.cfg
UseNewToolbar true pwsafe.cfg
UseSystemTray true pwsafe.cfg
LockOnWindowLock true pwsafe.cfg
LockOnIdleTimeout true pwsafe.cfg
EscExits true pwsafe.cfg
HotKeyEnabled false pwsafe.cfg
MRUOnFileMenu true pwsafe.cfg Most recently used databases
DisplayExpandedAddEditDlg true database Default More/Less details
MaintainDateTimeStamps false database
SavePasswordHistory false database
FindWraps false pwsafe.cfg
ShowNotesDefault false database
BackupBeforeEverySave true pwsafe.cfg
PreExpiryWarn false pwsafe.cfg
ExplorerTypeTree false pwsafe.cfg Show groups first in tree view
ListViewGridLines false pwsafe.cfg Show grid lines in list view
MinimizeOnAutotype true pwsafe.cfg

Numerical preferences

Preference Default Where stored Min Max Comment
column1width n/a pwsafe.cfg n/a n/a
column2width n/a pwsafe.cfg n/a n/a
column3width n/a pwsafe.cfg n/a n/a
column4width n/a pwsafe.cfg n/a n/a
sortedcolumn 0 pwsafe.cfg 0 15
pwlendefault 8 database 4 1024 Default password length
maxmruitems 4 pwsafe.cfg 0 20 Most recently used databases
IdleTimeout 5 database 1 120
DoubleClickAction DoubleClickCopyPassword pwsafe.cfg n/a n/a
HotKey none pwsafe.cfg n/a n/a
MaxREItems 25 pwsafe.cfg 0 25 Recent entries
TreeDisplayStatusAtOpen AllCollapsed database n/a n/a
NumPWHistoryDefault 3 database 0 255 how many passwords to keep in history
BackupSuffix 0 pwsafe.cfg n/a n/a
BackupMaxIncremented 1 pwsafe.cfg 1 999
PreExpiryWarnDays 1 pwsafe.cfg 1 30 When to warn on about-to-expire passwords

Textual Preferences

Preference Default Where stored Comment
currentbackup <none> pwsafe.cfg Path and name of last backup file
currentfile <none> pwsafe.cfg Currently (i.e., last) opened file
lastview tree pwsafe.cfg Last view selected: Tree or List view
defusername <none> database
treefont <none> pwsafe.cfg
BackupPrefixValue <none> pwsafe.cfg
BackupDir <none> pwsafe.cfg
AltBrowser <none> pwsafe.cfg Alternate browser
ListColumns <none> pwsafe.cfg Non-default column order
ColumnWidths <none> pwsafe.cfg Non-default column widths
DefaultAutotypeString \u\t\p\t\n database