this post was submitted on 17 Aug 2023
17 points (100.0% liked)

Privacy

31934 readers
627 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Thanks for all the comments. Currently I use KeepassXD/DX + Syncthing.

I hash my password with fingerprint on Android, keep a seperate database containing that one in another place for backup. Maybe thats stupid, but I cant type on a phone.

On Linux I use KWallet, store the Keepass password there, and have a shortcut fetching that password and inserting it into the Keepass wallet using KeepassXC. Works with one click too.

Problems

  • all entries are either locked or unlocked
  • to have autofill working, the app cant be killed (Android)
  • also, all passwords need to be decrypted for it to work

I dont see that this is the best solution. Decrypted, maybe hashed metadata possible to detect autofill fields, and then selectively unlock the needed credentials, would be better.

you are viewing a single comment's thread
view the rest of the comments
[–] Vexz@kbin.social 8 points 1 year ago (2 children)

I don't know about iOS but if you use an Android you can try Bitwarden. It detects credential fields and when you tap in them a little popup appers that offers Bitwarden to auto-fill these fields. When you then tap on that it opens Bitwarden and it offers all fitting entries from your vault. Select the one you want to use and then it fills the fields.
Maybe that's what you're looking for? I really love that feature.

[–] Pantherina@feddit.de 1 points 1 year ago (3 children)

Thanks but I guess their db works exactly like Keepass. It has to be fully unlocked for that to work, and I dont know if that makes sense.

[–] Stephen304@lemmy.ml 2 points 1 year ago (1 children)

You can actually keep it locked and it still works. It just prompts you to unlock it when you press the auto fill button. It also means that it won't show autofill suggestions on the login screen and just a generic bitwarden autofill button. You can change how long it stays unlocked for between immediately to any custom number of hours / minutes or only on app restart.

[–] Pantherina@feddit.de 1 points 1 year ago (1 children)

Interesting yes I think thats correct! So it actually does work on Android, just not as well on Linux, if at all with the Flatpak mess.

[–] Stephen304@lemmy.ml 2 points 1 year ago (1 children)

Yeah I don't use the flatpak / desktop app at all, since I have the browser extension installed which does autofill and also has the same vault lock options as the mobile app.

[–] Pantherina@feddit.de 1 points 1 year ago

Okay thats pretty nice then

[–] Vexz@kbin.social 2 points 1 year ago* (last edited 1 year ago)

No, it doesn't. I just tested it. I restarted my phone to make sure Bitwarden is closed, Opened the browser and opened a website where I have an account. In the login mask where I was prompted to insert my credentials the little popup appeared and when I tapped on it Bitwarden opened. It wanted me to enter my Master-Password so I did just that and it opened the DB to offer me the entries for auto-fill. You can even set a preference to immediately lock the DB after a single use and to always prompt the Master-Password (+ 2FA (optionally)) if you want.

Edit: Hell, you could even make it completely sign you out after every single use so you'd have to re-enter your email address, Master-Password and TOTP for 2FA. Not even KeePass offers you that level of security because you don't need a username for your DB.

[–] Benign@kbin.social 2 points 1 year ago

Works like this for me:
Tap password field
Bitwarden pops up requesting fingerprint to unlock
Select the credentials you want to use
Autofill

Not quite sure what you mean by fully unlocked here. I don't see the problem with all credentials being unlocked if you have to unlock on every access to the db.

[–] max@feddit.nl 1 points 1 year ago

+1 for Bitwarden, regardless of platform, and regardless of whether it ticks all your boxes or not. It’s just good.