search

VTalyh / keepassdroid

Automatically exported from code.google.com/p/keepassdroid
0 stars 0 forks source link

Implement OATH-HOTP two factor authentication support (OtpKeyProv, YubiKey) #594

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
There is YubiKey version with NFC chip - YubiKey NEO - 
https://www.yubico.com/products/yubikey-hardware/yubikey-neo/

It would be great to be able to use it to unlock the passwords database.

I would suppose some workflow like the one below could be used:
- user launches KeePassDroid
- types in master password
- a prompt then appears asking for the "second factor" of the authentication
- in desktop KeePass user would press YubiKey button to "type in" OTP - 
http://www.yubico.com/applications/password-management/consumer/keepass/
- in KeePassDroid user would touch the phone with a token for NFC transmission

Yubico is also working with Google and others on a standard for 2-factor 
authentication - U2F.
They plan to release YubiKey NEO with U2F support in 2014.

Here are some details and a demo video:
http://www.yubico.com/products/yubikey-hardware/yubikey-neo/yubikey-neo-u2f/

Original issue reported on code.google.com by 2sa...@gmail.com on 2 Sep 2013 at 9:15

GoogleCodeExporter commented 9 years ago 
I really think this should not be too hard to implement.
Especially as you "just" need to access the yubico libraries.

Or you could achieve 2-factor authentication by using a challenge-response with 
a "public" seed, which is transformed in a secret response with the yubikey 
builtin secret.

Or you could achieve 2-factor authentication without any change to KeePassDroid 
by using the static password function.

Is anyone already working on this ?
I would be interested to join in.

Original comment by quickh...@gmail.com on 26 Oct 2013 at 2:13

GoogleCodeExporter commented 9 years ago 
Yes, it would really be neat to use the YubiKey NEO NFC features described 
above. This will really enhance the security of KeePassDroid. 

U2F has already been released in the latest Yubikeys in v2.4.2 so no need to 
wait till next year.

https://store.yubico.com/store/catalog/product_info.php?products_id=92

Original comment by clementl...@gmail.com on 26 Nov 2013 at 3:02

GoogleCodeExporter commented 9 years ago 
I would love to have the OATH-HOTP functionality from the OtpKeyProv KeePass 
plugin duplicated in KeePassDroid.

Original comment by joe.dun...@gmail.com on 20 Jan 2014 at 5:36