keepassxreboot / keepassxc

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
https://keepassxc.org/

AutoOpen: Support pre-selecting hardware key #4351

Open criemen opened 4 years ago

criemen commented 4 years ago

Summary

When using AutoOpen to open a database secured by a hardware key and a password, the opening fails with "Error while reading the database: Invalid credentials were provided, please try again. If this reoccurs, then your database file may be corrupt. (HMAC mismatch)"

Desired Behavior

There should be some way to tell KeePassXC to try opening the database with the supplied password and with the hardware key.

Possible Solution

Maybe supply a special note? I am not sure how to expose this feature to the user exactly.

Context

I want to have two yubikey-secured databases, one with accounts the phone+computer needs access to, and one database only the computer has access to. Obviously, on the computer I want to use autoopen to have access to all the passwords immediately.

droidmonkey commented 4 years ago

Since you are already using autoopen from a yubikey secured database, just use an insanely long master password on the other database. This is safely secured by your yubikey and will be completely uncrackable. Every time you save the database the master key is regenerated with a new randomized nonce. The only benefit Yubikey provides is a new challenge response generated for each save (besides being a hardware key). This is equivalent to changing your password on each save.

criemen commented 4 years ago

That works well for the computer, but to open the sub database on the phone, I don't want to enter an insanely long password on the phone. I want a reasonable password on the phone+yubikey, and a longer password+yubikey on the desktop. Furthermore, the phone shouldn't have access to all the goodies in the database on the desktop (in general, I trust the phone less than the desktop in terms of security).

droidmonkey commented 4 years ago

I interpreted your use case wrong, sorry. As of 2.5.3 you can use a key file with auto open, that gets you close. But this feature would be the next step.

knobhead commented 1 year ago

With hardware keys being used more widely, I'd like to resuscitate this feature proposal :-)

Is KeePassXC's repo a good starting point? Or would it make sense to propose this feature to the devs of other kdbx manager applications with auto-open features first? I.e. write a proposal here and contact Dominik Reichel (KeeAutoExec), Kunzisoft/KeePassDX for Android and other projects, too?

knobhead commented 2 months ago

With the cool security key hot-plugging feature being introduced in 2.8.0 I had high hopes for this feature to be implemented, too – but maybe it was intended for a 2.8.X release? 🤞🥺

Because right now there seems to be a discrepancy between what the Settings dialogue's wording promises (“Remember key files and security dongles”) and what the program does (only remembers key files, as I understand)?

Thanks for your work & best regards!

droidmonkey commented 2 months ago

@phoerious seems like we forgot to reimplement remembering hardware key state per database.