Rookiestyle / KeePassOTP

Add OTP support (two factor authentication) to KeePass
GNU General Public License v3.0

Residual data after deleting database #137

Closed caspadan closed 1 year ago

caspadan commented 1 year ago

I'm sorry to be a bother. I have played around with your plugin a lot as I do find it to be a very good OTP plugin (might I say, the best one). So, I've noticed something that I do not believe is intentional. I'm also not sure if it is something you can do anything about though. I guess I might be leaning more towards OCD than anything else. But let me describe it below:

OVERVIEW

After deleting a separate OTP database from the main database, there is information left in the main database that is referencing the (old/deleted) OTP database.

STEPS TO REPRODUCE

PREREQUISITES

STEPS

1. Delete OTP Database

Delete the saved OTP database via the KeePassOTP settings. For this, go to Tools > KeePassOTP... > OTP settings (db specific) and by the dropdown select Delete and hit OK. This will delete the OTP database. You need to save your main database in KeePass (even if the save icon is grey), otherwise the changes will not be saved.

2. Create New OTP Database

With the OTP database deleted, create a new OTP database. Go to Tools > KeePassOTP... > OTP settings (db specific) and by the dropdown select Create New Database and hit OK. Follow the prompts to set up an OTP database.

3. Notice KPOTP Column

View the KPOTP column set up in step 1. Notice the entries that previously had OTP information set up now have "???" in the KPOTP column (note: this is usually the case with OTP set up on an entry, but the OTP database is not open). However, the entries with "???" do not have any OTP set up as we have only just created the OTP database.

EXPECTED BEHAVIOUR

ACTUAL BEHAVIOUR

Some information is still present after deleting the OTP database. Exporting the main database to XML reveals the following data left in the entries previously set up with OTP:

<CustomData>
    <Item>
        <Key>KeePassOTP.DB</Key>
        <Value>true</Value>
    </Item>
</CustomData>

CONTEXT:

- KeePass 2.53.1
- KeePassOTP 1.6.4

I'm not sure if there is any way to ensure this data is removed together with the deletion of the OTP database or not, but I thought it would be worthwhile to mention it to you in case you were not aware.

Sorry if I gave you more work to do.

Kind regards,
Daniel

Rookiestyle commented 1 year ago

Thanks for this very detailed description.

I'll develop a fix for those two topics

> You need to save your main database in KeePass (even if the save icon is grey), otherwise the changes will not be saved.

All information from OTP database is purged when the OTP database is deleted.

Technically, the ??? part needs to be removed from the main db

Rookiestyle commented 1 year ago

The new release will do a proper cleanup.

If you already saved the main db after deleting the embedded one, you can clean up manually:

  1. Make a backup ;)
  2. Tools -> Database tools -> XML replace...
  3. Delete node //Entry/CustomData/Item[Key = 'KeePassOTP.DB']


caspadan commented 1 year ago

Thank you for the prompt fix.
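
The manual cleanup from the thread (delete node `//Entry/CustomData/Item[Key = 'KeePassOTP.DB']`) can also be audited outside KeePass against an XML export of the main database. The Python below is an added example, not code from the thread or from KeePassOTP; the function names and the sample export are constructed for illustration, and it assumes the usual KeePass 2.x XML export layout.

```python
import xml.etree.ElementTree as ET

MARKER_KEY = "KeePassOTP.DB"  # key shown in the issue's XML excerpt

# Constructed sample in the shape of a KeePass 2.x XML export (not real data).
SAMPLE_EXPORT = """<KeePassFile><Root><Group><Name>Constructed</Name>
  <Entry><UUID>AAAA</UUID>
    <String><Key>Title</Key><Value>Mail</Value></String>
    <CustomData>
      <Item><Key>KeePassOTP.DB</Key><Value>true</Value></Item>
      <Item><Key>Other.Plugin</Key><Value>keep</Value></Item>
    </CustomData>
    <History><Entry><UUID>AAAA</UUID>
      <String><Key>Title</Key><Value>Mail (old)</Value></String>
      <CustomData><Item><Key>KeePassOTP.DB</Key><Value>true</Value></Item></CustomData>
    </Entry></History>
  </Entry>
  <Entry><UUID>BBBB</UUID>
    <String><Key>Title</Key><Value>Bank</Value></String>
  </Entry>
</Group></Root></KeePassFile>"""


def entry_title(entry):
    """Return the entry's Title string field, or '' if it has none."""
    for field in entry.findall("String"):
        if field.findtext("Key") == "Title":
            return field.findtext("Value") or ""
    return ""


def strip_marker(xml_text, key=MARKER_KEY):
    """Remove //Entry/CustomData/Item[Key=key]; return (cleaned_xml, hits).

    hits lists (UUID, Title) for every affected entry, history copies included,
    because the XPath from the thread also matches entries under <History>.
    """
    root = ET.fromstring(xml_text)
    hits = []
    for entry in list(root.iter("Entry")):  # snapshot before mutating the tree
        custom = entry.find("CustomData")   # direct child of this entry only
        if custom is None:
            continue
        stale = [i for i in custom.findall("Item") if i.findtext("Key") == key]
        for item in stale:
            custom.remove(item)             # other plugins' items stay untouched
        if stale:
            hits.append((entry.findtext("UUID"), entry_title(entry)))
    return ET.tostring(root, encoding="unicode"), hits
```

A KeePass XML export is unencrypted, so work on a temporary copy and delete the export once the check is done.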