6/20/2023 0 Comments Keepassxc windows hello![]() It interacts with user and handles errors, such as error when user canceled operation or when stored key can't be decrypted for various reasons i.e. This class acts as a "glue" code between KeePassXC code base and WinHelloKeyManager. back-end: WinHelloKeyManager class, which is responsible for storing, authenticating and retrieving the database key.Ĭlass tries to mimics a bit C# Ke圜redentialManager class.The back-end was inspired by KeePassWinHello, thought temporary storage is not implemented. This key is then used to encrypt database key, and encrypted database key is stored on windows using Credential API. ![]() Note, windows store this key either in TPM if available or is SW protected via system. In essence, CNG creates RSA 2048 bit encryption key via Microsoft Passport storage provider and "locks" it on Windows Hello authenticator when key is used for decryption. This feature can be used if user has set Windows Hello PIN or biometrics to unlock their account. This is draft PR which adds support to store and retrieve KeePassXC database password key using Windows Credential API and Microsoft Passport Api.
0 Comments
Leave a Reply. |