Using the Secrets password manager you can:
Store many passwords in an encrypted database, called a safe, which is protected by a single passphrase of your choice.
Always use different and stronger passwords, because you only have to remember a single passphrase to unlock the entire safe.
Gere senhas aleatórias muito fortes.
Gere códigos de verificação únicos para autenticação de dois fatores.
In Tails 7.6 (March 2026), we replaced the KeePassXC password manager with the Secrets password manager.
You can open your previous KeePassXC database using Secrets, because both Secrets and KeePassXC use the same file format to store passwords.
If you miss more advanced features from KeePassXC, you can install KeePassXC as additional software
Creating and saving a password safe
Follow these steps to create a new password safe and save it in the Persistent Storage for use in future working sessions.
Para aprender como criar um armazenamento persistente, leia nossa documentação sobre armazenamento persistente.
Ao iniciar o Tails, desbloqueie o armazenamento persistente.
No Tails, escolha Aplicativos ▸ Tails ▸ Armazenamento Persistente.
Verifique se o recurso Pasta Persistente está ativado.
To open Secrets, choose Apps ▸ Accessories ▸ Secrets Password Manager.
To create a new safe, select the New Safe button.
Create the safe as Passwords.kdbx in the Persistent folder.
Continue com as configurações padrão nas telas de configuração Informações gerais do banco de dados e Configurações de criptografia.
The safe is encrypted and protected by a passphrase. In the configuration screen Database Credentials:
- Specify a passphrase of your choice in the Password text box.
- Type the same passphrase again in the Confirm Password text box.
- Select Create.
It is impossible to recover your passphrase if you forget it!
To help you remember your passphrase, you can write it on a piece of paper, store it in your wallet for a few days, and destroy it once you know it well.
After creating the safe, select Open Safe and enter the passphrase again to unlock it.
Restoring and unlocking a password safe
Follow these steps to unlock a password safe that is saved in the Persistent Storage from a previous Tails session.
Ao iniciar o Tails, desbloqueie o armazenamento persistente.
In Tails, choose Apps ▸ Accessories ▸ Secrets Password Manager.
If you have a safe named Passwords.kdbx in your Persistent folder, Secrets automatically displays a dialog to unlock it.
Enter the passphrase for this safe and select Unlock.
Se você inserir uma senha errada, a seguinte mensagem de erro será exibida:
Falha ao desbloquear o cofre.
You can also double-click your password safe from the Files browser to open it using the Secrets password manager.
Using Secrets as an authenticator app for two-factor authentication
Muitos sites oferecem autenticação de dois fatores como um método mais seguro do que usar apenas uma senha. Por exemplo, você pode configurar um aplicativo de autenticação, como o Google Authenticator, para gerar um código único de 6 dígitos ao fazer login em um site.
You can use Secrets to generate such one-time codes in Tails. The technology used to generate these codes is called time-based one-time password (TOTP).
To configure two-factor authentication for an entry in your password safe:
From the website or application for which you are configuring two-factor authentication, identify the secret that you need to generate the one-time codes. This secret is a string of characters that is often provided together with a QR code.
In the Secrets password manager, select the entry of your safe for which you want to configure two-factor authentication.
At the bottom of the right pane, select Show More.
In the new options that appear, enter the secret from the website or application in the One-Time Password Secret text box.
A one-time code appears above the One-Time Password Secret text box.