You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In addition to my password I use the challenge-response mode with a yubikey. Additionally I have activated the options 'Automatically save when locking database' and 'Lock database when session is locked or lid is closed'.
When locking my laptop without having the yubikey inserted keepassxc tries to lock the database but needs to save it first. Because of the challenge-response mode this needs an interaction with the yubikey. If this interaction doesn't happen the database is not locked but rather just shows a prompt to 'save', 'discard' or 'cancel'. I believe to not be able to access any passwords directly this way, as whatever I click will close the database after running the action, but I can at least read usernames etc. underneath the popup. Using the KeepassXC-Browser extension I am also still able to get it to input passwords as long as this popup is open.
Steps to Reproduce
Use challenge-response with a security key
Have options 'Automatically save when locking database' and 'Lock database when session is locked or lid is closed' activated
remove your security key after the database is unlocked
lock your device
Expected Behavior
Even though it leads to dataloss of unsaved edits, I'd argue it to be better to discard all edits and lock the database, if no security key is found. This might lead to the loss of some unsaved edits, but it means the database is always locked when it is to be expected.
Actual Behavior
The database does not lock, because it can't save edits without the security key. This means the database stays unlocked even though you'd expect it to be locked.
Overview
In addition to my password I use the challenge-response mode with a yubikey. Additionally I have activated the options 'Automatically save when locking database' and 'Lock database when session is locked or lid is closed'.
When locking my laptop without having the yubikey inserted keepassxc tries to lock the database but needs to save it first. Because of the challenge-response mode this needs an interaction with the yubikey. If this interaction doesn't happen the database is not locked but rather just shows a prompt to 'save', 'discard' or 'cancel'. I believe to not be able to access any passwords directly this way, as whatever I click will close the database after running the action, but I can at least read usernames etc. underneath the popup. Using the KeepassXC-Browser extension I am also still able to get it to input passwords as long as this popup is open.
Steps to Reproduce
Expected Behavior
Even though it leads to dataloss of unsaved edits, I'd argue it to be better to discard all edits and lock the database, if no security key is found. This might lead to the loss of some unsaved edits, but it means the database is always locked when it is to be expected.
Actual Behavior
The database does not lock, because it can't save edits without the security key. This means the database stays unlocked even though you'd expect it to be locked.
KeePassXC - VERSION 2.7.4
Revision: 63b2394
Operating System: Windows 10 Version 2009
The text was updated successfully, but these errors were encountered: