MacPass icon indicating copy to clipboard operation
MacPass copied to clipboard

Support YubiKey OTP

Open Miljar opened this issue 12 years ago • 54 comments

Would it be possible to implement the YubiKey OTP functionality so YubiKeys kan be used in combination with MacPass? Maybe this can help? https://github.com/Yubico/yubico-c-client

Miljar avatar Sep 26 '13 08:09 Miljar

I take a look into it. There seems to be a OTP plugin for KeePass so this feature might actually be relevant. For now not on the high-prio list.

mstarke avatar Oct 15 '13 21:10 mstarke

YubiKey OTP Support would be great!

Thanks for your fantastic work on MacPass! I was looking for a long time for a usefull KeePass client on Mac and finally I've found MacPass :-)

heebj avatar Dec 20 '14 08:12 heebj

I Discovered MacPass 2 weeks ago and I am relieved I did! Definitely the best way to use a keepass DB on a MAC! Thanks! On topic: Using Yubikey OTP would be great, but I'd feel better with 2 Factor Authentication, like described in this article: http://www.kahusecurity.com/2014/securing-keepass-with-a-second-factor/ that uses OtpKeyProv and KeeChallenge... Anyway, that would be a great addition!

mjacquet avatar Jan 08 '15 10:01 mjacquet

+1

wifiprintguy avatar Jan 12 '15 02:01 wifiprintguy

I'd love to have this fonction too!

Your app is great by the way!! :)

Scoubi avatar May 08 '15 14:05 Scoubi

+1 for OATH HOTP standard (RFC 4226)

digitalkram avatar May 08 '15 15:05 digitalkram

This would be great functionality to have, though I understand the timing may be premature. The quality of your app is great, I forget it's pre-release.

madelinecr avatar May 08 '15 15:05 madelinecr

+1 for OATH HOTP standard (RFC 4226)

groetzner-net avatar Jun 04 '15 12:06 groetzner-net

another +1

wifiprintguy avatar Jun 04 '15 12:06 wifiprintguy

+1 for OATH HOTP, without it I can't use KeePass (and thus MacPass) on OSX

rother avatar Jun 08 '15 06:06 rother

+1

kingdonko avatar Jun 08 '15 17:06 kingdonko

Hi, with the recent breach of LastPass support for a Yubikey OTP for Macpass is becoming even more important.

Can you please consider adding this? The pluggin is Open Source, your work is Open Source. If anyone have any Mac Coding skills, please help us! :)

Scoubi avatar Jun 16 '15 13:06 Scoubi

+1

hyperized avatar Jul 24 '15 08:07 hyperized

+1

NicolaivdSmagt avatar Jul 30 '15 14:07 NicolaivdSmagt

+1

darii avatar Jul 31 '15 14:07 darii

+1

tristan-k avatar Aug 05 '15 14:08 tristan-k

I've cloned the repo to incorporate @kylemanna HMAC-SHA1 Challenge & Response pull request for keepassx. Updating KeePassKit is probably doable but I don't know the first thing about Cocoa UI.

@mstarke Thanks for all your hard work!

KFDCompiled avatar Aug 21 '15 01:08 KFDCompiled

@KFDCompiled nice of you to start on this. But just a warning: I've already moved on with KeePassKit (current master is ahead of the one used in MacPass, as you'll probably already have found out) to be able to create it as a Framework and to implement undo/redo with history support. I'm on a good path but it will take a bit more time as I've got limited free time atm. Another thing is, that I wanted to start adding a plugin interface to decouple the features from KeePassKit and MacPass. Should we try to use your approach to flesh out a plugin interface? As I understand it you need UI and KeePassKit extensions so there needs to be two sets of plugins - for KeePassKit and for MacPass.

mstarke avatar Aug 21 '15 07:08 mstarke

@mstarke I agree that converting KeePassKit into a xcode framework is a robust solution. Based on Issue #350 and Apple's Guide, do you think the putative KeePassKit.framework should handle plug-in arch?

KFDCompiled avatar Aug 21 '15 20:08 KFDCompiled

Should we try to use your approach to flesh out a plugin interface?

@mstarke yes, I think the existing codebase—from KeeChallenge, @kylemanna's fork of keepassx, and yubico-c—give enough to assemble a prototype plugin.

KFDCompiled avatar Aug 22 '15 01:08 KFDCompiled

@KFDCompiled i think there should be plugins both for MacPass as well as for KeePassKit, as there needs to be support on the data side but also on the GUI front end. That arises the problem of dependencies on plugins. e.g if we need additional inputs on the password screen that's a MacPass plugin but the KeePassKit has to handle the data provided by the additional inputs. Maybe I should just scrap the separation of KeePassKit and integrate it into MacPass but that removes the possibility for others to use the framework just to be able to parse stuff.

mstarke avatar Sep 21 '15 09:09 mstarke

@mstarke moved the conversation to Issue #350

KFDCompiled avatar Sep 27 '15 16:09 KFDCompiled

Now that the plugin architecture is initiated can someone outline what it would take to make a yubikey plugin for macpass ?

jeantil avatar Mar 01 '16 09:03 jeantil

It's not that easy as MacPass might need more support for UI extensions. The Plugin system currently is "just load code and show some settings" more support is needed but that requires more details on the requirement for specific plugins

mstarke avatar Mar 01 '16 09:03 mstarke

+1

Ardakilic avatar Mar 15 '16 23:03 Ardakilic

+1 for this feature.

amnk avatar Apr 20 '16 12:04 amnk

+1 for OATH HOTP standard (RFC 4226) support. It's simply a must have feature today. P. S.: I can't help with implementation but I can with localization.

nimdajitam avatar Apr 20 '16 22:04 nimdajitam

Also looking forward to this. Eventhough there is MacPassHTTP, the yuibkey support of keypass is the reason i consider migrating away from 1password ( beside *pass also supports basic auth, application auth and much more, due to autotype )

EugenMayer avatar May 08 '16 09:05 EugenMayer

@mstarke I am willing to offer a yubikey if it helps speed up implementation :)

jeantil avatar Jul 29 '16 11:07 jeantil

It's generous of you to offer a key but the lack of hardware isn't an issue. It's lack of time. I'm more than happy to merge pull requests but for now I'm still struggling getting to implement all the basic features e.g. history or synchronization.

mstarke avatar Aug 01 '16 06:08 mstarke