Time-based OTP

Anonymous
2011-11-02
2014-01-11

  • Anonymous
    2011-11-02

    Might it be possible to update the OtpKeyProv plugin to add the option for time-based OTP (TOTP) rather than just counter based? (as per RFC 6238). Most of the soft-token solutions available support both (such as Google Authenticator)

    Time-based tokens would avoid problems associated with resyncing.

    Also, the 3x key requirement seems excessive if the OTP is to be used in conjunction with the master password, right? Can this forced requirement be removed?

    Thanks and great work on this project!

     
  • Dominik Reichl
    2011-11-02

    Support for time-based OTPs would of course be great. I've added it to my to-do list, thanks for the suggestion.

    Everything less than 3 OTPs would be completely insecure (when an attacker retrieves two OTP auxiliary info files he could derive the actual secret key easily), thus the OtpKeyProv plugin enforces the usage of at least 3 OTPs.

    Best regards
    Dominik

     

  • Anonymous
    2011-11-03

    Cool, thanks!

    A couple of other quick comments about OTPs:
    - It would be great if you could add support for base32 keys, since this is the key format used by Google Authenticator OTP tool (adding a key generate option would be useful too to save a few steps!)
    - For HOTP, it seems that the current implementation can lose sync very easily. It might be worth adding a "look-ahead" check on decrypt, as per RFC 4226 section 7.4, in order to correct any drift between the counter on KeePass and the counter on the OTP generator

    I'm not sure I fully understand the security risk from having less than 3 OTPs. Most multi-factor authentication schemes just use a single OTP combined with a master password, and based on my (limited) understanding of the algorithm, this should be sufficient. Is this due to how keepass handles different key providers to unlock the database? Perhaps you could add a separate password entry directly to the OTP plugin to provide the extra necessary bits.

    Unfortunately, having to enter multiple keys seems like a big usability barrier to implementing OTPs, especially if you add support for TOTP (3 keys x 30 second window = 60-90 second wait before being able to generate the necessary unlock keys).

    Thanks again, love the program!
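    The OTP mechanics discussed in the two posts above, as an added example that is not part of this thread and not code from the OtpKeyProv plugin: RFC 4226 HOTP with the section 7.4 look-ahead resynchronisation window, a decoder for Base32 secrets of the kind Google Authenticator uses, and RFC 6238 TOTP built on the same HOTP function. The secret is the RFC 4226 appendix D test key; the HotpVerifier class, its window size and the sample calls in the main block are assumptions made for the demonstration.

```python
import base64
import hashlib
import hmac
import struct
import time

# Constructed sample secret: the 20-byte RFC 4226 appendix D test key
# "12345678901234567890", written in the Base32 form that Google
# Authenticator and similar soft tokens accept (an assumption for this demo).
SECRET_BASE32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def decode_base32_secret(text):
    """Decode a Base32 secret as a user types it: tolerate spaces, dashes,
    lower case and missing '=' padding, all of which occur in real key strings."""
    cleaned = text.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)


def hotp(secret, counter, digits=6, digestmod=hashlib.sha1):
    """RFC 4226 HOTP: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), digestmod).digest()
    offset = mac[-1] & 0x0F
    binary = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(binary % (10 ** digits)).zfill(digits)


def totp(secret, for_time=None, step=30, digits=6):
    """RFC 6238 TOTP: HOTP with the counter replaced by floor(unix_time / step)."""
    if for_time is None:
        for_time = time.time()
    return hotp(secret, int(for_time) // step, digits)


class HotpVerifier:
    """Verifier-side counter with the RFC 4226 section 7.4 look-ahead window.

    If the token has moved ahead (button pressed without completing a login),
    the next 'look_ahead' counters beyond the stored one are also tried. On a
    match the stored counter jumps past the matching value, so a captured
    code can never be accepted a second time. (Hypothetical class for the demo.)
    """

    def __init__(self, secret, counter=0, look_ahead=10, digits=6):
        self.secret = secret
        self.counter = counter
        self.look_ahead = look_ahead
        self.digits = digits

    def verify(self, code):
        for candidate in range(self.counter, self.counter + self.look_ahead + 1):
            expected = hotp(self.secret, candidate, self.digits)
            if hmac.compare_digest(expected, code):
                self.counter = candidate + 1   # resynchronise past the used value
                return True
        return False   # behind the window, beyond it, or simply wrong


if __name__ == "__main__":
    secret = decode_base32_secret(SECRET_BASE32)
    print("HOTP for counters 0..2:", [hotp(secret, c) for c in range(3)])
    verifier = HotpVerifier(secret, counter=0, look_ahead=5)
    drifted = hotp(secret, 3)            # token pressed three times without being used
    print("drifted code accepted:", verifier.verify(drifted), "counter now", verifier.counter)
    print("same code replayed:", verifier.verify(drifted))
    print("TOTP at T=59, 8 digits:", totp(secret, 59, digits=8))
```

    The look-ahead is what prevents the counter desynchronisation described above: a code generated a few steps ahead of the stored counter is still accepted, but the stored counter then moves past it, so resyncing never reopens a window for a code that was already consumed. A TOTP verifier would apply the same idea to a window of one or two 30-second steps on either side of the current one.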

     
  • Dominik Reichl
    2011-11-12

    I've now released OtpKeyProv version 1.2, which adds support for Base32-encoded keys and counters.
    http://keepass.info/plugins.html#otpkeyprov

    Best regards
    Dominik

     
  • karl lohnauer
    2011-11-26

    Dear Dominik,

    is there now a way to get the yubikey work together with the OtpKeyProv  plugin?

    Best Regards
    Karl

     
  • Dominik Reichl
    2011-11-26

    According to http://www.yubico.com/oath-yubikey, YubiKeys can generate OATH HOTPs. So, they already should work fine with OtpKeyProv.

    Best regards
    Dominik

     
  • Thomas Haller
    2011-12-06

    Support for TOTP would be great - so that one can generate a key from within KeePass. Keep up the good work; KeePass is my most used tool! Thank you.

     
  • Nurple
    2011-12-11

    Heya, maybe I'm missing something, but seeing as you can enter the secret key to recover/resync the database, isn't the end result just a static password if you only used OtpKeyProv, or if used with a master password it's a 2nd static password, and the otp bit is moot.

    I guess the main point is to stop people from capturing and reusing the OTP, and the only time the attacker would get lucky is if he/she caught the secret key at setup/resync time.

    I'll still be using it, if only to get a 2nd password.

    Sorry if I'm making no sense, I pretty much suck at explaining my thoughts.

    Dominik, could you tell me the SHA-1 of the plugin, please. I did have another post about plugin sigs, and not sure if it got missed, but I don't like bumping posts more than once.

     
  • tachycore
    2012-03-02

    Dear Dominik,

    Any chance you can also add a time-based option for generating OTPs?

    It's both annoying and risky to open the XML file to verify the current count each time.

    It would expand its use with tools like Google Authenticator, too.

    Thanks.

     
  • I need KeePass Portable to use at several customers and on various untrusted workstations.
    Since KeePass is vulnerable to keyloggers, it is essential to use OtpKeyProv. However, for me, importing a token is expensive.
    I am eagerly awaiting OtpKeyProv compatibility with Google Authenticator; it is the only solution for my case.

     
  • Paul
    2012-10-05

    You could use a key file and password. Keep the key file on a USB stick

    cheers, Paul

     
  • A simple program that copies the files from the USB stick would compromise the security of the database.

     
  • Paul
    2012-10-06

    That requires a KeePass specific "key logger". There is no defence against that.

    cheers, Paul

     
  • OTP is protection against that.

     
  • Paul
    2012-10-07

    No it isn't. A KeePass specific logger will wait for you to open the database and then extract all the data.

    cheers, Paul

     
  • Dominik Reichl
    2012-10-07

    If I were an attacker and had full access to the user's PC, I would first copy the database and all auxiliary files and second install a keylogger. Having both the database + auxiliary files and the keylogged OTPs, I can open the database. Of course here the order is important: it's essential to first copy the files and afterwards log the required OTPs. In the other order, the OTPs are not the required ones. This attack doesn't require KeePass-specific tools; basic spyware capabilities are sufficient.

    In summary, if you have spyware on your PC, even OTPs won't help. In client-server systems, OTPs might help, but not for local applications like KeePass.

    Best regards
    Dominik

     
    • CYPER
      2014-01-10

      How can an attacker open the DB with used OTPs?
      Do you mean that the attacker will somehow manage to create a fake database where these OTPs would not be accepted, but then again they will be generated, so they will still be considered used.

       
      • Paul
        2014-01-11

        How can an attacker open the DB with used OTPs?

        Easily if they have recorded the state of the OTP counter before the database was opened and recreate those conditions.
        If you have malware nothing is secure.

        cheers, Paul

         
  • Paul
    2012-10-08

    If the computer is 2000, Vista or Windows 7 you can enter the master password on the secure desktop.
    http://keepass.info/help/base/security.html#secdesktop

    cheers, Paul

     
  • Janzomaster
    2013-06-29

    I see this thread is quite old, and I don't understand all of it - is using the Google Authenticator to open a KeePass 2 password safe possible?

     
  • Paul
    2013-06-29

    Possibly. Does the GA support OATH HOTP standard (RFC 4226)?
    See the KeePass page: http://keepass.info/plugins.html#otpkeyprov

    cheers, Paul

     
  • superskid
    2013-11-06

    Is there a walkthrough on how to set up 2FA with OtpKeyProv? I don't want to type something in, then choose the wrong options and have Google Authenticator not work and never be able to get into my database.

     
  • wellread1
    2013-11-06

    Create a test database to use with the OtpKeyProv plugin and take a look at these two threads for some additional background information and a test configuration.