MacPass Support YubiKey OTP

Would it be possible to implement the YubiKey OTP functionality so YubiKeys kan be used in combination with MacPass? Maybe this can help? https://github.com/Yubico/yubico-c-client

Sep 26 '13 08:09 Miljar

I take a look into it. There seems to be a OTP plugin for KeePass so this feature might actually be relevant. For now not on the high-prio list.

Oct 15 '13 21:10 mstarke

YubiKey OTP Support would be great!

Thanks for your fantastic work on MacPass! I was looking for a long time for a usefull KeePass client on Mac and finally I've found MacPass :-)

Dec 20 '14 08:12 heebj

I Discovered MacPass 2 weeks ago and I am relieved I did! Definitely the best way to use a keepass DB on a MAC! Thanks! On topic: Using Yubikey OTP would be great, but I'd feel better with 2 Factor Authentication, like described in this article: http://www.kahusecurity.com/2014/securing-keepass-with-a-second-factor/ that uses OtpKeyProv and KeeChallenge... Anyway, that would be a great addition!

Jan 08 '15 10:01 mjacquet

+1

Jan 12 '15 02:01 wifiprintguy

I'd love to have this fonction too!

Your app is great by the way!! :)

May 08 '15 14:05 Scoubi

+1 for OATH HOTP standard (RFC 4226)

May 08 '15 15:05 digitalkram

This would be great functionality to have, though I understand the timing may be premature. The quality of your app is great, I forget it's pre-release.

May 08 '15 15:05 madelinecr

+1 for OATH HOTP standard (RFC 4226)

Jun 04 '15 12:06 groetzner-net

another +1

Jun 04 '15 12:06 wifiprintguy

+1 for OATH HOTP, without it I can't use KeePass (and thus MacPass) on OSX

Jun 08 '15 06:06 rother

+1

Jun 08 '15 17:06 kingdonko

Hi, with the recent breach of LastPass support for a Yubikey OTP for Macpass is becoming even more important.

Can you please consider adding this? The pluggin is Open Source, your work is Open Source. If anyone have any Mac Coding skills, please help us! :)

Jun 16 '15 13:06 Scoubi

+1

Jul 24 '15 08:07 hyperized

+1

Jul 30 '15 14:07 NicolaivdSmagt

+1

Jul 31 '15 14:07 darii

+1

Aug 05 '15 14:08 tristan-k

I've cloned the repo to incorporate @kylemanna HMAC-SHA1 Challenge & Response pull request for keepassx. Updating KeePassKit is probably doable but I don't know the first thing about Cocoa UI.

@mstarke Thanks for all your hard work!

Aug 21 '15 01:08 KFDCompiled

@KFDCompiled nice of you to start on this. But just a warning: I've already moved on with KeePassKit (current master is ahead of the one used in MacPass, as you'll probably already have found out) to be able to create it as a Framework and to implement undo/redo with history support. I'm on a good path but it will take a bit more time as I've got limited free time atm. Another thing is, that I wanted to start adding a plugin interface to decouple the features from KeePassKit and MacPass. Should we try to use your approach to flesh out a plugin interface? As I understand it you need UI and KeePassKit extensions so there needs to be two sets of plugins - for KeePassKit and for MacPass.

Aug 21 '15 07:08 mstarke

@mstarke I agree that converting KeePassKit into a xcode framework is a robust solution. Based on Issue #350 and Apple's Guide, do you think the putative KeePassKit.framework should handle plug-in arch?

Aug 21 '15 20:08 KFDCompiled

Should we try to use your approach to flesh out a plugin interface?

@mstarke yes, I think the existing codebase—from KeeChallenge, @kylemanna's fork of keepassx, and yubico-c—give enough to assemble a prototype plugin.

Aug 22 '15 01:08 KFDCompiled

@KFDCompiled i think there should be plugins both for MacPass as well as for KeePassKit, as there needs to be support on the data side but also on the GUI front end. That arises the problem of dependencies on plugins. e.g if we need additional inputs on the password screen that's a MacPass plugin but the KeePassKit has to handle the data provided by the additional inputs. Maybe I should just scrap the separation of KeePassKit and integrate it into MacPass but that removes the possibility for others to use the framework just to be able to parse stuff.

Sep 21 '15 09:09 mstarke

@mstarke moved the conversation to Issue #350

Sep 27 '15 16:09 KFDCompiled

Now that the plugin architecture is initiated can someone outline what it would take to make a yubikey plugin for macpass ?

Mar 01 '16 09:03 jeantil

It's not that easy as MacPass might need more support for UI extensions. The Plugin system currently is "just load code and show some settings" more support is needed but that requires more details on the requirement for specific plugins

Mar 01 '16 09:03 mstarke

+1

Mar 15 '16 23:03 Ardakilic

+1 for this feature.

Apr 20 '16 12:04 amnk

+1 for OATH HOTP standard (RFC 4226) support. It's simply a must have feature today. P. S.: I can't help with implementation but I can with localization.

Apr 20 '16 22:04 nimdajitam

Also looking forward to this. Eventhough there is MacPassHTTP, the yuibkey support of keypass is the reason i consider migrating away from 1password ( beside *pass also supports basic auth, application auth and much more, due to autotype )

May 08 '16 09:05 EugenMayer

@mstarke I am willing to offer a yubikey if it helps speed up implementation :)

Jul 29 '16 11:07 jeantil

It's generous of you to offer a key but the lack of hardware isn't an issue. It's lack of time. I'm more than happy to merge pull requests but for now I'm still struggling getting to implement all the basic features e.g. history or synchronization.

Aug 01 '16 06:08 mstarke