Support KeePassXC TOTP attributes

Discuss possible implementation of a new feature for KyPass on iPhone
Post Reply
FrederickZh
Posts: 2
Joined: Tue Nov 27, 2018 3:03 am

Support KeePassXC TOTP attributes

Post by FrederickZh » Tue Nov 27, 2018 3:23 am

Is it possible to support TOTP attributes from other KeePass apps, e.g. KeePassXC? Personally I work on different OS's hence KeePassXC seems to be the best cross-platform desktop solution. It would be nice if I could set up TOTP in KeePassXC and use it in KyPass as well. (And I reckon using attributes looks a bit cleaner?) Not sure how other KeePass apps store TOTP configurations but if KyPass can be compatible with other popular KeePass apps it'd be terrific :D

Mr-Fly
Posts: 55
Joined: Tue Sep 25, 2018 7:17 pm

Re: Support KeePassXC TOTP attributes

Post by Mr-Fly » Tue Nov 27, 2018 1:33 pm

I believe there is no real standard for OTP integration.
www.keepass.info is the leading project and in this there is no OTP integration natively.
There are two plugins that can be used.
I am using KeeOTP, which stores the OTP Secret in an Additonal Field.
This works fine in Kypass and so it is compatible with the main project.
Where does KeepassXC Save the OTP Information? I would guess also in an additional field ?
How does the information look like? can you provide more information?
KeeOTP looks like this:
Field Name = otp
Field Value = "key=345234523452435324534534"
and Enable in-memory protection is enabled.
Kypass can read this and give a TOTP.

FrederickZh
Posts: 2
Joined: Tue Nov 27, 2018 3:03 am

Re: Support KeePassXC TOTP attributes

Post by FrederickZh » Wed Dec 05, 2018 10:00 am

KeePassXC uses two addition fields:

TOTP Seed: Original TOTP key. Spaces are allowed, e.g.

Code: Select all

xxxx xxxx xvhp lovk temd i2vr 4bat yu7h
TOTP Settings: <Time Step>;<Code Size>, e.g.

Code: Select all

30;6

Mr-Fly
Posts: 55
Joined: Tue Sep 25, 2018 7:17 pm

Re: Support KeePassXC TOTP attributes

Post by Mr-Fly » Thu Dec 06, 2018 5:33 am

So as you can see, it is not really standardized as Keepass natively does not support otp.
I believe that the PC edition would add the timing parameters to the url string it uses. I have never checked on that an can not, as I am on the road at the moment..

Post Reply