b7a1c620e4
Refactors the Passkey implementation to include more checks and a structure that is more aligned with the official specification. Notable changes: - _BrowserService_ no longer does the checks by itself. A new class _BrowserPasskeysClient_ constructs the relevant objects, acting as a client. _BrowserService_ only acts as a bridge between the client and _BrowserPasskeys_ (authenticator) and calls the relevant popups for user interaction. - A new helper class _PasskeyUtils_ includes the actual checks and parses the objects. - _BrowserPasskeys_ is pretty much intact, but some functions have been moved to PasskeyUtils. - Fixes Ed25519 encoding in _BrowserCBOR_. - Adds new error messages. - User confirmation for Passkey retrieval is also asked even if `discouraged` is used. This goes against the specification, but currently there's no other way to verify the user. - `cross-platform` is also accepted for compatibility. This could be removed if there's a potential issue with it. - Extension data is now handled correctly during Authentication. - Allowed and excluded credentials are now handled correctly. - `KPEX_PASSKEY_GENERATED_USER_ID` is renamed to `KPEX_PASSKEY_CREDENTIAL_ID` - Adds a new option "Allow localhost with Passkeys" to Browser Integration -> Advanced tab. By default it's not allowed to access HTTP sites, but `http://localhost` can be allowed for debugging and testing purposes for local servers. - Add tag `Passkey` to a Passkey entry, or an entry with an imported Passkey. Fixes #10287. |
||
|---|---|---|
| .github | ||
| .tx | ||
| cmake | ||
| docs | ||
| share | ||
| snap | ||
| src | ||
| tests | ||
| utils | ||
| .clang-format | ||
| .gitattributes | ||
| .gitignore | ||
| CHANGELOG.md | ||
| CMakeLists.txt | ||
| CODE-OF-CONDUCT.md | ||
| codecov.yaml | ||
| COPYING | ||
| INSTALL.md | ||
| LICENSE.BSD | ||
| LICENSE.CC0 | ||
| LICENSE.GPL-2 | ||
| LICENSE.GPL-3 | ||
| LICENSE.LGPL-2.1 | ||
| LICENSE.LGPL-3 | ||
| LICENSE.MIT | ||
| LICENSE.NOKIA-LGPL-EXCEPTION | ||
| LICENSE.OFL | ||
| README.md | ||
| release-tool | ||
| release-tool.ps1 | ||
| sonar-project.properties | ||
KeePassXC
KeePassXC is a modern, secure, and open-source password manager that stores and manages your most sensitive information. You can run KeePassXC on Windows, macOS, and Linux systems. KeePassXC is for people with extremely high demands of secure personal data management. It saves many different types of information, such as usernames, passwords, URLs, attachments, and notes in an offline, encrypted file that can be stored in any location, including private and public cloud solutions. For easy identification and management, user-defined titles and icons can be specified for entries. In addition, entries are sorted into customizable groups. An integrated search function allows you to use advanced patterns to easily find any entry in your database. A customizable, fast, and easy-to-use password generator utility allows you to create passwords with any combination of characters or easy to remember passphrases.
Quick Start
The QuickStart Guide gets you started using KeePassXC on your Windows, macOS, or Linux computer using pre-compiled binaries from the downloads page. Additionally, individual Linux distributions may ship their own versions, so please check your distribution's package list to see if KeePassXC is available. Detailed documentation is available in the User Guide.
Features List
KeePassXC has numerous features for novice and power users alike. Our goal is to create an application that can be used by anyone while still offering advanced features to those that need them.
Basic
- Create, open, and save databases in the KDBX format (KeePass-compatible with KDBX4 and KDBX3)
- Store sensitive information in entries that are organized by groups
- Search for entries
- Password generator
- Auto-Type passwords into applications
- Browser integration with Google Chrome, Mozilla Firefox, Microsoft Edge, Chromium, Vivaldi, Brave, and Tor-Browser
- Entry icon download
- Import databases from CSV, 1Password, and KeePass1 formats
Advanced
- Database reports (password health, HIBP, and statistics)
- Database export to CSV and HTML formats
- TOTP storage and generation
- Field references between entries
- File attachments and custom attributes
- Entry history and data restoration
- YubiKey/OnlyKey challenge-response support
- Command line interface (keepassxc-cli)
- Auto-Open databases
- KeeShare shared databases (import, export, and synchronize)
- SSH Agent integration
- FreeDesktop.org Secret Service (replace Gnome keyring, etc.)
- Additional encryption choices: Twofish and ChaCha20
For a full list of changes, read the CHANGELOG document.
For a full list of keyboard shortcuts, see KeyboardShortcuts.adoc
Building KeePassXC
Detailed instructions are available in the Build and Install page and in the Wiki.
Contributing
We are always looking for suggestions on how to improve KeePassXC. If you find any bugs or have an idea for a new feature, please let us know by opening a report in the issue tracker on GitHub, or join us on Matrix community channel or Matrix development channel, or on IRC in Libera.Chat channels #keepassxc and #keepassxc-dev.
You may directly contribute your own code by submitting a pull request. Please read the CONTRIBUTING document for further information.
Contributors are required to adhere to the project's Code of Conduct.
License
KeePassXC code is licensed under GPL-2 or GPL-3. Additional licensing for third-party files is detailed in COPYING.