Sync AutoFill database lock state with main application

[vit9696]

When I use Autofill in Safari on macOS I have to type my database password even with the database is unlocked in the main application. This feels:

• Confusing, because I expect Autofill to sync with the main application. I.e. I expect it to request a password when the main application is locked, and not to request a password when the main application is already unlocked.
• Inconvenient, because it defeats the purpose of Autofill for me — I can copy-paste the passwords from the main application faster than I can type my password to unlock the autofill feature.

[keepassium]

Hmm, this is not normal.

• Do you have "Remember Master Keys" enabled?
• Does the database file name in AutoFill match that in the main app?

[vit9696]

• No, I do not, I do not want my master keys to be stored in Apple Keychain.
• Yes.

[keepassium]

No, I do not, I do not want my master keys to be stored in Apple Keychain.

The main app and its AutoFill extension run as separate processes. They don't have that many communication channels:

1. Keychain
2. Shared folder on the drive
3. Shared UserDefaults

Of these, only keychain is encrypted. One could envision an elaborate scheme with socket-based communication between the processes, but then it would not be that safe, either. So I don't think the suggested enhancement is solvable without the keychain. And with the keychain it already works.

[vit9696]

Keychain requires permanent on-device secret storage, which basically defeats the reason to use a third-party password manager for me. I believe you can use XPC connections, which allow the developer to configure mutual authorisation for both peers.

[keepassium]

I believe you can use XPC connections, which allow the developer to configure mutual authorisation for both peers.

XPC sounds like macOS-only thing, though…

For me, the primary focus is the mobile app. The desktop app exists only because it was (or rather looked like) a low-hanging fruit thanks to Mac Catalyst. So far, there is only one sizeable macOS-specific piece of code — the one responsible for YubiKey support. That was a blocking issue for the users, no other way to solve it.

As for state sync on macOS for users without keychain, this is more of a niche convenience issue. Too small-scale and too small-impact to qualify for an OS-specific XPC implementation, sorry…

[vit9696]

XPC sounds like macOS-only thing, though

Is it? Pretty sure raw XPC APIs are indeed macOS-specific, yet subsystem-specific APIs are available to various kinds of extensions independent from the platform. At least that was the case when Apple e.g. added Network extensions to iPads.

[keepassium]

Is it?

Easy to check.

But regardless, XPC is an elaborate and fragile stuff (if iOS Files is any indication). The issue is not significant enough to justify this kind of solutions. It would be swatting a fly with a sledgehammer (made of glass).

I appreciate the issue looks more significant from your point of view, but in general this is a very niche case. I would even speculate that the overall time saved for all the affected users, annually, would be less than the time required for developing this (if at all possible). It's just not worth it.

[vit9696]

Yeah, raw xpc services are indeed macOS-only. For iOS in general there are wrappers like that Files thingy, but I was unable to easily find something specific for authentication providers.

The issue is indeed very macOS-specific and depends a lot on how much the browser integration matters for the future of Keepassium. It does not seem to bother me much so far, but just in case I have nothing to do in distant future, would you accept PRs with this implemented?