KeePassium icon indicating copy to clipboard operation
KeePassium copied to clipboard

Published 20 hours ago verified publisher icon keepassium

Add support for KeeShare

Open basbebe opened this issue 3 years ago • 5 comments

Describe a feature you'd like I'd like KeeShare files fully supported.

KeeShare allows you to share a subset of your credentials with others and vice versa.

see

  • https://www.tpidg.us/keeshare-secure-password-sharing-nsc-78/
  • https://github.com/keepassxreboot/keepassxc/blob/develop/docs/topics/KeeShare.adoc

At the moment it works, but only if the Keeshare files are created without a signature. Also I don't know if all features like sync, read-only, etc. would be fully supported as of right now.

Additional context It makes it more easy to have a more granulated access policy.
e.g. have a main keepassxc database and share only a keeshare file w/ e.g. web logins to share (e.g. via syncthing) with Strongbox on iOS.

basbebe avatar Jan 09 '21 13:01 basbebe

This is awesome! I did not know about KeeShare, but it seems like a great workaround for multi-user access.

Implementing it would require a lot of ground work, but seems very much worth it.

Thank you for the suggestion!

keepassium avatar Jan 10 '21 23:01 keepassium

Is this great feature on the roadmap for future releases?

cdrehner avatar May 28 '22 09:05 cdrehner

Is this great feature on the roadmap for future releases?

Definitely yes.

keepassium avatar May 28 '22 09:05 keepassium

I would love to see support added for KeeShare as well. Currently KeeShare groups are shown and are initially synchronized, but data will quickly get out of sync in various ways, if you actually try to edit or create items inside the shared group from within KeePassium. Here is what I tested:

KeeShare setting

  • Synchronize on all

User A

  • iPhone user A using KeePassium
  • iPhone user A using Strongbox
  • macOS user A using KeePassXC

User C

  • iPhone user C using KeePassium
  • iPhone user C using Strongbox
  • macOS user C using KeePassXC

Test sync behavior

  • All devices synced

  • Create new item in shared Group by macOS user A using KeePassXC

    • synced correctly to...
      • iPhone user A using KeePassium (db initially refused to refresh - requiring restart of KeePassium)
      • iPhone user A using Strongbox
      • macOS user C using KeePassXC
      • iPhone user C using Strongbox
      • iPhone user C using KeePassium (db initially refused to refresh)

  • Create a new item in shared Group by macOS user A using KeePassium

    • does not show up for...
      • iPhone user C using KeePassium
      • iPhone user C using Strongbox
      • macOS user C using KeePassXC

Basically items become private to the KeePassium user who created them in the shared group. Editing existing items inside the shared group creates quite a mess rather quickly... - This makes using the KeeShare feature on KeePassXC unusable, if you are also using any KeePass apps (such as KeePassium) on devices that do not yet support KeeShare.

chriswayg avatar Aug 21 '22 09:08 chriswayg

I'm currently using Kypass on iOS and was looking around what other alternatives there are. I do already use Keepassium free for a single database on a USB stick. On my main database, I also make use of the KeeShare feature, but it seems that this isn't supported by any of the iOS apps I looked at.

If this were to become available on KeePassium, it would make the decision easier for me as I do like the perpetual premium offer - that's a really great idea as I'm generally not a fan of subscriptions.

rainforest1155 avatar Nov 28 '23 11:11 rainforest1155