search

keepassxreboot / keepassxc-browser

KeePassXC Browser Extension
GNU General Public License v3.0
1.72k stars 178 forks source link

[RFC] Workflow for adding new TOTP entry to the DB #410

Open darix opened 5 years ago

darix commented 5 years ago

Current steps to add a new TOTP entry to the DB

In an ideal case

  1. website offers "add manually" option where we can copy paste the paramaters into the "setup totp" dialogue

the not so ideal way

  1. download the QR code image or make a screenshot (e.g. if the QR code is SVG)
  2. run zbarimg on the file
  3. know which part of the cryptic string is what and what goes where

Expected Behavior

Integrate the the whole TOTP handling just as we have this "add new entry" popup when ever we see a login for the first time. The goal would be to make it more user friendly, especially for not so technical user.

Possible Solution

  1. click a button in keepassxc-browser drop down
  2. get the image:
    1. grab current tab image via chrome.desktopCapture (or like here e.g.) (more work for the QR decoder)
    2. Ideally we would want to select the region with the QR code (think region selection in an image editor)
    3. another option would be to use the same picker that the webdev tools use to select the image/element with the QR code. but we might have to rerender it to a canvas as some sites use SVG for their QR code
  3. let it run JS QR decoder
  4. send the config to the keepassxc via their browser protocol
patdavid commented 5 years ago

A JS QR decoder might not be expecting a full screenshot, so the element picker would be very helpful if possible to avoid extra noise in the QR image.

darix commented 5 years ago

We could just pipe the whole image to the C++ code and use libzbar there ;) runs

hex-m commented 1 year ago

There is an equivalent request for the application itself.

The Authenticator Extension implements that feature and could maybe be an inspiration.