Support unlocking the same database in multiple ways #11582
Comments
This is already worked on in PR #10311. I'll connect it to this issue.
That's perfect. I may also have found a limited workaround using Automatic Database Opening.
Possible extension on the idea: allow different keys generically. This way one could create a
Where I see the addition to the original proposal, it should also be allowed to open the database with different master passwords, without the distinction based on secondary authenticators. If my reading of #10311 is correct, that enables this too. The PR goes in basically the same direction as PGP/GPG does encryption for multiple parties (the gist is: the symmetric key is randomly generated and encrypted with each recipient's public key separately).
You can sort of do this already with the use of a key database, via the Auto-Open feature. Each family member would get their own key database with their own password etc., which contains only the Auto-Open entry for the shared database. Though you could also add private (not shared) entries in each such database.
Have you searched for an existing feature request?
Brief Summary
Background
KeePassXC and compatible apps support several ways to unlock a database: 1) master password, 2) quick unlock, and 3) Yubikey. However, these methods of unlocking are not equally usable on different platforms. For example, it is both secure and convenient to use a long master password along with Quick Unlock on iPhones and Windows computers, because the long password makes the database secure while Quick Unlock with Face ID/Windows Hello uses the TPM to make unlocking fast and convenient without compromising security. By contrast, using the Yubikey with an iPhone is insufferable because its NFC interaction with the phone is extremely unreliable. Yet on a Linux platform, since there is no Quick Unlock backed by a TPM, entering a long master password would be inconvenient while a short password would be insecure. Using a Yubikey with a short password achieves both security and convenience. The problem is that you can only choose to use a Yubikey or not use a Yubikey, and so you can only have a happy experience on certain platforms.
Proposed Solution
I propose that we make the same database unlockable by several different methods. In other words, the same database can have several master passwords, and some are used along with the Yubikey and some are not. I am not sure whether it is going to break the KeePass format, but theoretically the implementation seems easy -- we only need to encrypt the database with a randomly generated key, and then each master password can be used to encrypt this key. This means any master password can be used to decrypt the key, which can then be used to decrypt the database.
Example
Encrypt the same database in two ways:
I can use #1 on iPhone and Windows, and #2 on Linux to work with the database securely and conveniently.
Context
No response