Diagnostics • Compatibility • Quick fixes
Fix “wrong key” error in DB Browser (SQLCipher)
“Wrong key” usually means the passphrase is incorrect or encryption parameters don’t match how the database was created. Follow this checklist to identify the cause and fix the issue safely.
Step‑by‑step diagnostics
- Confirm the passphrase — retype manually (avoid paste), check Caps Lock and keyboard layout, remove leading/trailing spaces.
- Check KDF iterations — ensure the same value used at creation; if unknown, try common values used in your stack before.
- Check page size — it must match the value used when the DB was created.
- Validate cipher/integrity options — ensure you’re opening the DB in SQLCipher mode with matching settings.
- Rule out corruption — test a backup or open on another machine/version; verify storage isn’t failing.
- Reopen after changes — close the DB and try again after each adjustment.
Need guidance on parameters? Start with SQLCipher basics and a clean test DB to confirm your defaults.
Fix by scenario
You know the correct passphrase
- Try alternate iteration counts used in your environment.
- Try the page size you usually set for new DBs.
- Ensure SQLCipher mode is selected, not plain SQLite.
Walkthrough: Open an encrypted DB
Passphrase might be wrong
- Confirm the exact passphrase used at creation time.
- Check if a password manager auto‑filled the wrong entry.
- Verify there are no invisible characters/spaces.
If you cannot recover it, consider restoring from a known‑good backup.
Prevent it next time
- Standardize KDF iterations and page size in team docs.
- Record parameters used for each database at creation.
- Use a password manager; avoid reusing passphrases.
- Keep backups and test restores periodically.
See also: Security best practices and Migrate to SQLCipher for standardization tips.