KeePass Error with KeePassWinHelloPlugin.plgx and after Upgrade to Windows 11 22H2-22621

[PRhodan]

Hello, I started a thread in KeePass Discussion, probably my problem is better here. https://sourceforge.net/p/keepass/discussion/329221/thread/e3fb256ee8/ Greetings

[RueleuR]

I can confirm the issue after the upgrade to Win11 22H2 using WinHello.

Befor unlocking an error message pops up that shows the path of the data base and says: "Failed to Ioad the specified file! The master key is invalid! Make sure that the master key is correct and try it again."

After pressing OK the Hello unlockscreen appears and a normal unlock is possible.

Plugin Settings: (x) Use quick unlock via Windows Hello authorization ifit is available (x) Revoke current key in case Windows Hello prompt was cancelled (o) Store keys in the Windows Credential Manager

Desipte that I've random keepass crashes and sometimes high system load through the keepass app. Both didn't exist before the Win11 22H2 upgrade

[PRhodan]

@RueleuR "(o) Store keys in the Windows Credential Manager" Thx, I have changed this setting now, it does not have to be in the Windows credential manager.

[frostynumeral]

I can also confirm the issue after the upgrade to Win11 22H2. The suggestion to not store keys in the Windows Credential Manager also loses persistent key ability, so it's not really a good workaround.

[agrenott]

I didn't enable "(o) Store keys in the Windows Credential Manager", but the error popup still appears each time.

[DrFrankBV]

Same issue here. Always getting the error message when opening the DB.

• Store in Windows Credential Manager is active
• When I deactivate this option then the Plugin does not work at all (the Hello prompt does not appear)

[DrFrankBV]

I think I found the root cause for this error: It will occur only if you have "Enter Master Key on Secure Desktop" enabled in the KeePass Security settings..

I'll leave it to the developers to check if there is a way around it while leaving the option enabled. Maybe they could show at least a warning on the config page of the plugin, if the option is active or mention it in the know issues section of the Docu?

[PRhodan]

DrFrankBV, yes I have "Enter Master Key on Secure Desktop" enabled. And yes, you have found the root cause for this error. Thanks!

[OrihalconDE]

Wow, that's some pain in the ass. So we now have to choose between a security feature preventing keylogging or keeping our comfort with windows hello and giving up on security. Thank you Windows for this shit.

[PRhodan]

https://github.com/sirAndros/KeePassWinHello/releases/tag/v3.2 Aug 19, 2021 !