KeePassDX icon indicating copy to clipboard operation
KeePassDX copied to clipboard

Published 20 hours ago verified publisher icon Kunzisoft

Unlock a database with a key from an NFC dongle.

Open dlichtistw opened this issue 2 years ago • 4 comments

Is your feature request related to a problem? Please describe.

If a keyfile is used to unlock a database, and that keyfile is stored on the same device as the database, it offers no (additional) protection in case of loss or theft of that device.

Describe the solution you'd like

Use a key stored on a separate device (such as an NFC dongle) as a substitute for an on-device keyfile (or as an additional factor).

Describe alternatives you've considered

There is KeePass NFC, which can be used to unlock databases in KeePassDroid (and Keepass2Android). But both of these projects seem to have been abandoned.

Unlocking with biometric factors is easy. But these factors are written on the user's face or all over his phone, and they are hard to keep secret.

dlichtistw avatar Apr 09 '22 15:04 dlichtistw

Yes, this is a feature to consider. A possible workflow is to use a key file on a USB stick in OTG but this requires a physical connection.

I could see NFC as another advanced unlock method, and make the advanced unlock capable of storing a password but also a key file.

I will think about its implementation so that it is possible to accumulate and interchange the unlocking methods.

J-Jamet avatar Apr 09 '22 15:04 J-Jamet

@J-Jamet

Hi. How could I help for NFC unlock?

This is from the readme:

Contributions - Add features by making a pull request

But git push returns error message:

remote: Permission to Kunzisoft/KeePassDX.git denied to plamenjm.

Do we have permissions to create new branch and push?

plamenjm avatar Jul 05 '22 16:07 plamenjm

@plamenjm You can't make a push directly to the official repo. You have to make a pull request from one of the branches of your fork. https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests

In any case, NFC must be discussed because a common standard must be defined for all ports with good documentation. My first idea would be to make it a new element in the list of hardware keys (https://github.com/Kunzisoft/KeePassDX/tree/feature/Hardware_Key).

J-Jamet avatar Jul 05 '22 17:07 J-Jamet

@J-Jamet Thanks. I had to fork the repo first. You are right about discussion FIRST.

Anyway, I started from master branch recently. You have new PR. Hopefully, the description is good enough.

I did not check "Hardware_Key" branch yet. (I do not know about "list of hardware keys". Or I do not understand you.) I will check the "Hardware_Key" branch.

plamenjm avatar Jul 05 '22 18:07 plamenjm