Add QuickUnlock Feature

[seatedscribe]

With the newest and coolest feature of passphrase generator finally merged in, I find this request even more opportune - as you could tell, I have a LONG passphrase as master key for any of my databases, so my opinion may be a little biased 😄

A rationale for this feature request is best explained by the author of keepass2android. I use this app regularly on a daily base and could not even think of practically handling the unlock procedure without this service. Here it goes, step by step (courtesy of https://keepass2android.codeplex.com/)

You should protect your password database with a strong (i.e. random and LONG) password including upper and lower case as well as numbers and special characters. Typing such a password on a mobile phone every time you unlock your database is time-consuming and error-prone.

• Use a strong password for your database
• Load your database and type the strong password once. Enable QuickUnlock
• The application is locked after the time specified in the settings
• If you want to re-open your database, you can type just a few characters (by default, the last 3 characters of your password) to unlock quickly and easily!
• If the wrong QuickUnlock key is entered, the database is locked and the full password is required to re-open

Is this safe? First: it allows you to use a really strong password, this increases safety in case someone gets your database file. Second: If you loose your phone someone seize your laptop and tries to open your password database, the attacker has exactly one chance to make use of QuickUnlock. When using 3 characters and assuming 70 characters in the set of possible characters, the attacker has a 0.0003% chance of opening the file. If this sounds still too much for you, choose 4 or more characters in the settings.

I am not an expert on how this should be done correctly from a crypto perspective, but I am available and open to collaborations so to have this feature implemented ✅

[StefanB08]

I agree that it is practical and use it myself, but it do actually makes your DB a lot less safe against a advanced attacker. The safety example is only true if you do not take cloning/imaging into account. By cloning the unit, the attacker will have a indefinite tries to enter the correct password. And as you have practically shortened your 70 character keylength down to a very weak 3 character password it will be possible to unlock the unit in a very little amount of time.

By using the quick unlock there is also a chance that the user will lock themselves out of the DB if they forget the true password and is only used to enter the short version of the full password.

I'm not against quick unlock, but I strongly believe it's critical to not mislead the user into thinking they are more or even equally secure by using it.

[TheZ3ro]

I think this is a good thing for an opt-in option with the ability to select the length.

Like @StefanB08 suggested, if your adversary have great capabilities this will effectively lower your security. For the average user I don't think it's a great problem so opt-in is fine by me.

Also an important side note, this option will need the master password stored in memory (for decrypting the database when the QuickUnlock is entered)

[sudoforge]

I'd be much more a fan of enabling QuickUnlock with some other identifier, such as a separately-set PIN. This PIN can be a configurable length (it should probably default to 4), and can only be used to unlock the database during the current KPXC process if the database has been unlocked before -- to ensure the PIN (the "QuickUnlock passphrase") cannot be used to unlock the database from a new process / session.

This enables the ease of use of quick-unlocking a database without requiring the passphrase (or a subsection of the passphrase) to be repeatedly entered.

Windows 10 implements such a feature, where the user is only required to enter a small string of characters (a PIN in this particular case) that is - critically - not the same as their user password. This prevents keyloggers* or drive-by onlookers from being able to utilize the information they gather.

* This is assuming that the keylogger doesn't have access to the keyboard when it is entered initially.

[seatedscribe]

@StefanB08 I agree with you that in this scenario (a laptop in the hands of the cruel enemy) quick unlock is the least feature one wants enabled for his password manager. But at the same time we can think of alternatives, like having also a yubikey inserted which can reduce the risk of a brute force attack. As before, this should be an opt-in depending on the paranoid level of the user 😄

@bddenhartog having a PIN unrelated to the master password reduces the attack surface. Should the PIN remain the same from session to session, or is it to be generated anew every time KXC is launched?

• In the latter case it could be challenging (or a good memory exercise) since it changes frequently;
• In the former case, where is it supposed to be stored in the DB? @TheZ3ro maybe KDBX4 can be extended to allow this feature? Just sayin'...

[sudoforge]

quote @seatedscribe:

@bddenhartog having a PIN unrelated to the master password reduces the attack surface. Should the PIN remain the same from session to session, or is it to be generated anew every time KXC is launched?

• In the latter case it could be challenging (or a good memory exercise) since it changes frequently;
• In the former case, where is it supposed to be stored in the DB? @TheZ3ro maybe KDBX4 can be extended to allow this feature? Just sayin'...

It would definitely be most convenient to store the (non-ephemeral) PIN in the database settings; and I agree that this would be the preferred method of storage (over say, storing it on disk [permanent] or in memory [ephemeral]).

As a workaround to the current impossibility of storing the PIN in the database settings, perhaps we could read the PIN from the CLI (not unlike --pw-stdin does), and/or look for the value in a .keepassxc configuration file in the user's home directory?

[TheZ3ro]

Implementation wise, all those options are not available to us.

We have 2 cases:

1. Using a PIN not related to the master password (stored somewhere, doesn't matter now)
2. Using some character from the master password

In both those cases, if the master password is not stored in memory, you won't be able to unlock the database. By having a PIN or some char of the master password you can't derive the complete master password. (The DB is directly encrypted with the masterpassword)
And also if your database is locked with a Yubikey, you can't unlock it in both cases above if you don't have the Yubikey inserted.

[droidmonkey]

@TheZ3ro i believe you use the pin or last chars to encrypt the composite key in memory. Am i correct?

[TheZ3ro]

@droidmonkey should be a viable option, but then you shouldn't store the PIN anywhere and decrypt on demand

[droidmonkey]

The pin is known by the end user thus not stored.

[TheZ3ro]

@droidmonkey yes, I was clarifying this:

As a workaround to the current impossibility of storing the PIN in the database settings, perhaps we could read the PIN from the CLI (not unlike --pw-stdin does), and/or look for the value in a .keepassxc configuration file in the user's home directory?

[TheZ3ro]

Closed accidentally, my bad. Reopened