Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

View entries as QR codes #96

Closed
TheZ3ro opened this issue Nov 13, 2016 · 9 comments
Closed

View entries as QR codes #96

TheZ3ro opened this issue Nov 13, 2016 · 9 comments

Comments

@TheZ3ro
Copy link
Contributor

TheZ3ro commented Nov 13, 2016

Expected Behavior

Based on keepassx/keepassx#187

Add a feature which allows an entry's username and password to be viewed as
QR codes. The QR codes are hidden until a button is clicked, which reveals
them for a limited time, the timeout being settable in the settings dialog.

This is useful for being able to quickly enter long and secure passwords
into mobile devices.

This option can be disabled at compile time.
Also should be good discuss the security of a QR reader on the phone
@droidmonkey
Copy link
Member

Need to understand the use case. What application reads this qr code on the phone and for what purpose. Seems out of scope to me.

@TheZ3ro
Copy link
Contributor Author

TheZ3ro commented Nov 13, 2016

Yep, I was only reporting this from the KeePassX repo for discussing it

@weatherhead99
Copy link

the idea is simply that I have ~400 entries in a keepassx database, and need to login to a couple of apps on my phone (e.g. twitter, reddit etc). I don't need (or want) a full copy of the database on my phone. But typing in a 40 character password consisting mainly of symbols manually in the phone is a real pain.

This was just something I cooked up when I finally got really frustrated with it.

@droidmonkey
Copy link
Member

droidmonkey commented Nov 13, 2016
edited
Loading

How are you transporting the QR Code information into the login field? Is there some app that accomplishes that on the phone? Seems rather insecure to use an app like ZXing to put your password into the scan history of the app...

@TheZ3ro
Copy link
Contributor Author

TheZ3ro commented Nov 13, 2016

I think it's better to have a feature to export the selected entry from the current database instead of this. It's not a secure approach

@droidmonkey
Copy link
Member

It's an interesting idea, but not currently anything we would want to implement without an end-to-end solution.

@droidmonkey droidmonkey mentioned this issue Mar 5, 2017
Closed
@lbssousa
Copy link

A real use case I have here with original "KeePass + TOTP/QR code plugins" is exposing my TOTP keys in QR code, so I can import them easily to my Google Authenticator app.

@TheZ3ro
Copy link
Contributor Author

TheZ3ro commented Jun 13, 2017

@lbssousa that is a different issue. Instead of viewing an entire entry as QR Codes you need to view only the TOTP key as QR Code.

@TheZ3ro TheZ3ro mentioned this issue Jun 26, 2017
Open
@sim0nx sim0nx mentioned this issue Jul 11, 2017
Closed
@erikvanoosten erikvanoosten mentioned this issue Dec 29, 2019
Closed
@vogthenn
Copy link

Referring to @droidmonkey end-to-end solution: Keepass application on Android can create entries from QR Code in a secure way. It really would make sense to revisit this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@TheZ3ro @weatherhead99 @lbssousa @droidmonkey @vogthenn