nyxt
nyxt copied to clipboard
Add TOTP support for KeyPassXC
I think we must implement TOTP
support for current password-interface
and after enable support for currently supported password managers. Which will also fix https://github.com/atlas-engineer/nyxt/issues/1567.
What do you think, guys?
I'm not really familiar with what kind of page-manipulating functionality Nyxt has, but seems like it must be very capable of doing some nice automation inside the page.
In particular recognizing form inputs used for authentication workflow by websites (like username
, password
and totp
related fields).
As a good example we can use keepassxreboot/keepassxc-browser extension and it's functionality.
We don't really need all of it's features, bug at least auto-filling username
, password
and totp
codes would make life so much easier.
Does anyone already working on TOTP
related functionality?
Potential workflow:
-
Open website's login page
-
Hit defined keybinding or manually run
auto-fill-login
-
User will be prompted to select element on the page (target) he wants to auto-fill with
username
Likef
invi-normal-mode
for forinput
/textarea
fields only.By default
auto-fill-username
command will use(url (current-buffer))
as filter argument (suggest only items for currentdomain
orhost
). If there's more than one item available, show auto-complete pane, if not, auto-fill selected input. -
If
auto-fill-username
command executed successfully executeauto-fill-password
automatically. By default, next input might be selected as a target. Similar to most forms behavior, when after typingusername
you can hitTab
key and focus will be moved topassword
field.In real implementation this step's logic will be more complecated then description above, of course.
-
If site supports
2FA
additional step might be added. List of sites supporting2FA
can be found at: https://2fa.directory Not sure yet if it would be a good idea to integrate it insidepassword-interface
for future use by other password-managers.
Support use of separate KeePassXC database for TOTP
codes only
Also another very important change we need to make to current implementation of password-keepassxc.lisp
is an option to have two files specified in configuration.
One file would be used to auto-fill username
s and password
s and another one will be responsible for totp
codes only.
This kind of setup mentioned in KeyPassXC FAQ and this feature has been implemented in keepassxc-browser
extension (see keepassxreboot/keepassxc-browser/issues/1162 for more details).
I will come back with more thoughts in the comments below.