6d1fc31e96
* Support NFC readers for hardware tokens using PC/SC This requires a new library dependency: PCSC. The PCSC library provides methods to access smartcards. On Linux, the third-party pcsc-lite package is used. On Windows, the native Windows API (Winscard.dll) is used. On Mac OSX, the native OSX API (framework-PCSC) is used. * Split hardware key access into multiple classes to handle different methods of communicating with the keys. * Since the Yubikey can now be a wireless token as well, the verb "plug in" was replaced with a more generic "interface with". This shall indicate that the user has to present their token to the reader, or plug it in via USB. * Add PC/SC interface for YubiKey challenge-response This new interface uses the PC/SC protocol and API instead of the USB protocol via ykpers. Many YubiKeys expose their functionality as a CCID device, which can be interfaced with using PC/SC. This is especially useful for NFC-only or NFC-capable Yubikeys, when they are used together with a PC/SC compliant NFC reader device. Although many (not all) Yubikeys expose their CCID functionality over their own USB connection as well, the HMAC-SHA1 functionality is often locked in this mode, as it requires eg. a touch on the gold button. When accessing the CCID functionality wirelessly via NFC (like this code can do using a reader), then the user interaction is to present the key to the reader. This implementation has been tested on Linux using pcsc-lite, Windows using the native Winscard.dll library, and Mac OSX using the native PCSC-framework library. * Remove PC/SC ATR whitelist, instead scan for AIDs Before, a whitelist of ATR codes (answer to reset, hardware-specific) was used to scan for compatible (Yubi)Keys. Now, every connected smartcard is scanned for AIDs (applet identifier), which are known to implement the HMAC-SHA1 protocol. This enables the support of currently unknown or unreleased hardware. Co-authored-by: Jonathan White <support@dmapps.us> |
||
|---|---|---|
| .github | ||
| .tx | ||
| cmake | ||
| docs | ||
| share | ||
| snap | ||
| src | ||
| tests | ||
| utils | ||
| .clang-format | ||
| .gitattributes | ||
| .gitignore | ||
| CHANGELOG.md | ||
| CMakeLists.txt | ||
| CODE-OF-CONDUCT.md | ||
| codecov.yaml | ||
| COPYING | ||
| INSTALL.md | ||
| LICENSE.BSD | ||
| LICENSE.CC0 | ||
| LICENSE.GPL-2 | ||
| LICENSE.GPL-3 | ||
| LICENSE.LGPL-2.1 | ||
| LICENSE.LGPL-3 | ||
| LICENSE.MIT | ||
| LICENSE.NOKIA-LGPL-EXCEPTION | ||
| LICENSE.OFL | ||
| README.md | ||
| release-tool | ||
| sonar-project.properties | ||
KeePassXC
KeePassXC is a modern, secure, and open-source password manager that stores and manages your most sensitive information. You can run KeePassXC on Windows, macOS, and Linux systems. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted in customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
Quick Start
The QuickStart Guide gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the downloads page. Additionally, individual Linux distributions may ship their own versions, so please check your distribution's package list to see if KeePassXC is available. Detailed documentation is available in the User Guide.
Features List
KeePassXC has numerous features for novice and power users alike. Our goal is to create an application that can be used by anyone while still offering advanced features to those that need them.
Basic
- Create, open, and save databases in the KDBX format (KeePass compatible to KDBX4 and KDBX3)
- Store sensitive information in entries that are organized by groups
- Search for entries
- Password generator
- Auto-Type passwords into applications
- Browser integration with Google Chrome, Mozilla Firefox, Microsoft Edge, Chromium, Vivaldi, Brave, and Tor-Browser
- Entry icon download
- Import databases from CSV, 1Password, and KeePass1 formats
Advanced
- Database reports (password health, HIBP, and statistics)
- Database export to CSV and HTML formats
- TOTP storage and generation
- Field references between entries
- File attachments and custom attributes
- Entry history and data restoration
- YubiKey/OnlyKey challenge-response support
- Command line interface (keepassxc-cli)
- Auto-Open databases
- KeeShare shared databases (import, export, and synchronize)
- SSH Agent
- FreeDesktop.org Secret Service (replace Gnome keyring, etc.)
- Additional encryption choices: Twofish and ChaCha20
For a full list of changes, read the CHANGELOG document.
For a full list of keyboard shortcuts, see KeyboardShortcuts.adoc
Building KeePassXC
Detailed instructions are available in the Build and Install page and in the Wiki.
Contributing
We are always looking for suggestions on how to improve KeePassXC. If you find any bugs or have an idea for a new feature, please let us know by opening a report in the issue tracker on GitHub, or join us on Matrix community channel or Matrix development channel, or on IRC in Libera.Chat channels #keepassxc and #keepassxc-dev.
You may directly contribute your own code by submitting a pull request. Please read the CONTRIBUTING document for further information.
Contributors are required to adhere to the project's Code of Conduct.
License
KeePassXC code is licensed under GPL-2 or GPL-3. Additional licensing for third-party files is detailed in COPYING.