11/10/2022 0 Comments Qtpass yubikey![]() ![]() ![]() Filtering (searching) breaks the tree/model sometimes.Unfortunately I do not know of any WebDAV service with OTP support except ownCloud (so you would have to run your own server). If using a YubiKey or U2F module or similar that requires a "button" press for other authentication methods you can use one OTP/U2F enabled WebDAV account per password (or groups of passwords) as a quite inconvenient workaround.Use a different smartcard for each (group of) key.Or if it just provides a counter for decrypted data you could at least notice an attack afterwards, though at quite some effort on your part. The smartcard must require explicit confirmation for each decryption operation.To get better protection out of use with a smartcard even against a targeted attack I can think of at least two options: #Qtpass yubikey how toOnce you plug in your smartcard and enter your PIN (or due to CVE-2015-3298 even without your PIN) all your passwords available to the machine can be decrypted by it, if there is malicious software targeted specifically against it installed (or at least one that knows how to use a smartcard). Used with a smartcard it also protects against anyone just monitoring/copying all files/keystrokes on that machine and such an attacker would only gain access to the passwords you actually use. It does protect future and changed passwords though against anyone with access to your password store only but not your keys. ![]() Using this program will not magically keep your passwords secure against compromised computers even if you use it in combination with a smartcard. #Qtpass yubikey mac os xOn Mac OS X this currently seems to only work best with pinentry-mac from homebrew, although gpgtools works too.Ĭodecoverage can be done with make lcov, make gcov, make coveralls and/or make codecov.īe sure to first run: make distclean & qmake CONFIG+=coverage qtpass.pro Security considerations Your GPG has to be set-up with a graphical pinentry when applicable, same goes for git authentication.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |