Some good information can be found in the plugin’s Read Me file. OtpKeyProv’s download zip includes a Read Me file that includes documentation and some interesting information on key size and security ratings. Drop the contents of the plugin into the Plugins folder in your KeePass installation path. You’ll also need to make sure that KeePass 2.x is installed along with the OtpKeyProv plugin. I’m going to opt for the GUI tool for this walkthrough. At the time of this post, the latest version is 3.1.25 (GUI) and 1.19.0 (CLI). You’re going to need the YubiKey Personalization Tool in order to make some configuration changes to your YubiKey. I’m assuming similar functionality will work with KeePassXC for Linux and MacOS but have no way of validating this. ![]() Note: I’m using Windows 10 and Android 10 (Q) in this post. This post will outline the steps necessary to convert a KeePass database over to using an OATH HOTP configuration slot on the YubiKey, along with NFC Data Exchange Format (NDEF) to supply values when using NFC. Ideally, this should be something I can do on my Windows desktop and Android phone! I gotta manage my keys, y’all!Īfter sleuthing around a bit, I found that this is indeed possible. Instead, I wanted to use a password combined with Open Authentication (OATH) HMAC-based One-time Password algorithm (HOTP) via the YubiKey. I have been using a combination of password and KeePass key file to protect the password database. ![]() However, after picking up the YubiKey 5 NFC and writing about how to set it up as a OTP source and as a security key, I was curious if I could switch to a more secure authentication model. My team used it as a secrets vault to share and safeguard various keys and passwords used for infrastructure components. I first stumbled upon it back when I was an IT Operations Manager for a medium sized organization. KeePass is an awesome, free, and open source password manager.
0 Comments
Leave a Reply. |