Skip to content
KeePassRDP is a plugin for KeePass 2.x which adds multiple options to connect via RDP to the URL of an entry.
Branch: master
Clone or download
Latest commit b6fd036 Apr 18, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
KeePassRDP Modify credpick-regex Apr 18, 2019
.gitattributes GITIGNORE und GITATTRIBUTES hinzufügen. Apr 16, 2019
.gitignore Update .gitignore Apr 17, 2019
KeePassRDP.sln Projektdateien hinzufügen. Apr 16, 2019
KeePassRDP.ver fix some more translations Apr 17, 2019 Update Apr 18, 2019
make_release.ps1 rewrite the .plgx creation script Apr 17, 2019



KeePassRDP is a plugin for KeePass 2.x which adds multiple options to connect via RDP to the URL of an entry.


  1. Download the zip file from the newest release
  2. Unzip and copy the KeePassRDP.plgx file to your KeePass plugins folder.


To connect via rdp to a machine, select the entry containing the IP-address or hostname, right-click and select KeePassRDP > Open RDP connection (or just press CTRL + M).

To use the other connection options, just select the corresponding entries in the context-menu.


  • Connect to host via RDP
  • Connect to host via RDP admin session (mstsc.exe /admin parameter)
  • Gather and show possible Windows or domain credentials when the connection entry is inside a group called "RDP" (see below for details)

RDP subgroup / folder

This is how I use the extension for on a daily basis (I work for an MSP where we store credentials for customer domains or machines inside KeePass):

Our KeePass Database is structured like this:

DB structure image

Where each group contains entries specific to that customer.

If there ist just a single jumphost or something like that, we just create an entry like this directly inside the customer group:

jumphost example image

But if a customer has many hosts and multiple accounts to access them, we create a subgroup called RDP (this has to be uppercase and directly inside the customer group to work) inside a customer group:

rdp subgroup example image

Which may contain entries like this:

RDP subgroup example entries

The customer group itself contains the account-entries in this case (they can also be in different subgroups one level below the customer group):

cusotmer example entries

If we now want to connect to one of the machines in the RDP subgroup (with credential usage), just select the machine-entry, press CTRL + M and KeePassRDP shows you a dialog with viable account-entries (with titles like e.g. domain-admin, local user, ...) it always ignores entries where the title contains [rdpignore]

credential selection dialog

Now just select the entry you want and klick ok (or press Enter).

How it works

The plugin basically just calls the default mstsc.exe with the /v:<address> (and optionally /admin) parameter to connect.

If you choose to open a connection with credentials it first calls cmdkey.exe /generic:<address> /user:<username> /pass:<password> to save credentials to use by the mstsc.exe into the Windows Credential Manger.

These Credentials get removed via cmdkey.exe /delete:<address> after about 10 seconds.

Third-Party Software

This plugin uses the awesome C# ListView wrapper ObjectListView by Phillip Piper

You can’t perform that action at this time.