Encrypt and Decrypt SQLite Databases
Use the portable Windows build of DB Browser to create encrypted SQLite databases (SQLCipher), open existing ones with a key, change the key, and decrypt back to a plain SQLite file.
Create an encrypted database
Go to File → New Database, choose a folder and file name.
When prompted, enter a strong passphrase. Use long, unique phrases (12+ characters).
Save the new database. Reopen it to verify the key works.
Open an encrypted database
Use File → Open Database and select the encrypted file.
Provide the correct passphrase. If advanced SQLCipher parameters are available, ensure they match the DB you are opening.
If the key and parameters match, tables and data will load normally.
Change the encryption key (rekey)
Open the database with the current key. Back up your file first.
Use the change password dialog if your build provides it. Otherwise, export→import into a new encrypted DB using the new passphrase.
Reopen the DB with the new key and remove temporary files once confirmed.
Decrypt to plain SQLite
Open the encrypted DB with your current passphrase.
Use Export → Database to SQL to create a dump of the schema and data.
Create a new plain SQLite DB and import the SQL dump. For more scenarios, see Migrate.
Compatibility tips (SQLCipher)
- Ensure the SQLCipher version matches between tools. Version mismatches can trigger "file is not a database".
- Advanced parameters such as KDF iterations and page size may differ across versions. Use the same settings to open an existing file.
- When unsure, try opening the DB in the same tool and build that created it, then export/import to migrate.
- Always keep backups before rekeying or converting encrypted databases.
- See Troubleshooting for detailed error fixes.