Jonathan White
Jonathan White
Ahhh I see we don't ignore syntax errors when actually performing the typing, need to fix that. https://github.com/keepassxreboot/keepassxc/blob/develop/src%2Fautotype%2FAutoType.cpp#L781
I don't think this is a duplicate, might be a tad challenging to fix though since resolving references requires access to a database object which we don't expose to the...
There are very good reasons for the behavior you witness, we obviously want consistency through a multi step login process so randomly switching between two entries is definitely not desirable....
Why do you think that the passkey confirmation dialog doesn't suffice as a user presence check? That part has me very confused.
However, the request said to discourage user presence check. We could certainly ignore that request or have a setting for the user to "always require confirmation of passkey requests".
I think you fundamentally misunderstand the role of the browser extension. It is NOT the client in the spec, that is actually the browser itself. The browser communicates with the...
> and therefore needs to provide the internal create and get methods No, that is the role of the authenticator. The client merely brokers with the authenticator. The client does...
@Ortham I see what you are saying now after sleeping on it. KeePassXC is basically forced to combine two roles of the client (Create/Retrieve) and the Authenticator roles. This is...
> So an attacker could use a logged in users session, keylog the password the user enters for the database. Download the database file. You've lost right there. Nothing we...