lxbrvr Posted August 16, 2021 Posted August 16, 2021 (edited) Description Workflow for fetching KeepassXC entries and their attributes. Demo Workflow page https://github.com/lxbrvr/alfred-keepassxc-workflow Features Search KeepassXC entries. Copy different entry attributes. It includes title, username, password, url, notes. Request TOTP for KeepassXC entries. Comfortable configuration using Alfred's UI and MacOS modal windows There are different settings for displaying KeepassXC data in Alfred. For example, you can show KeepassXC attributes which you want. Or you can hide values displaying for KeepassXC attributes etc. You can know more about it below. It works with KeepassXC key files It saves your KeepassXC master password to OSX Keychain. No dependencies. Only Alfred and KeepassXC. Automatically paste entry attributes to front most app. Open urls in default browser. Clipboard timeout. Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.2.0/keepassxc-2.2.0.alfredworkflow Usage Initialization Call Alfred, type kp or type kp:init and select "Express initialization". It'll ask you about KeepassXC database, KeepassXC key file and KeepassXC master password. Search KeepassXC entries Call Alfred and type kp <desired KeepassXC entry name>. For example kp google. It'll show found entries. Select some entry. It'll show entry attribute names. For example title, username, password etc. Select the attribute name. An attribute value will be copied to clipboard. Changelog 2.2.0 - 2022-07-03 Added Clipboard timeout. Show note details in full text with Opt ⌥ + Return ↵. Request to check for workflow updates. Open url in default browser with Opt ⌥ + Return ↵ 2.1.0 - 2022-04-10 Added KeepassXC 2.7 support. Link to search instruction to README.md. Check KeepassXC CLI before executing commands. TOTP request for KeepassXC entries. Changed Requirements for KeepassXC version in README.md. Removed Support for KeepassXC versions before 2.7. 2.0.0 - 2022-03-24 Added Python 3 support. Allow python interpreter selection in the settings. Check python interpreter before executing python commands. Don't reset alfred keyword and python path after resetting during express initialization. Changed Styling of README.md Simplify the usage section in README.md Removed Python 2 support. 1.2.0 - 2022-01-15 Added Automatically paste entry attributes to front most app with Command ⌘ + Return ↵. Changed Log error to stderr after fail result of security and keepassxc-cli tools. Allow choosing a KeepassXC database with any file extension. 1.1.0 - 2021-09-25 Added Add the ability to manually remove the master password from a keychain. Add automatic removal of the master password from a keychain after using "reset" and "init" commands. Show an error message when trying to configure a master password without configured a keychain service or keychain account. Remove an existing keychain record if the keychain name or the keychain service name has been changed in the settings. Changed Change the names of the settings to be more informative Improve informativeness in dialog boxes. 1.0.0 - 2021-08-16 Added First release Edited July 3, 2022 by lxbrvr
xxyxxyxyx1 Posted September 6, 2021 Posted September 6, 2021 (edited) Thank you for posting this workflow. Could you perhaps describe how the master password is stored, and comment on the security? I am sorry I'm not enough of a programmer to figure it out myself. Currently, if someone obtained both my computer and the admin user password, they could not access my database, since the password is not stored in any way. Edited September 6, 2021 by xxyxxyxyx1
deanishe Posted September 6, 2021 Posted September 6, 2021 (edited) 12 hours ago, xxyxxyxyx1 said: Could you perhaps describe how the master password is stored, and comment on the security? It says right there in the description that the master password is stored in your Keychain. This is not particularly secure, as the password is stored by – and therefore accessible to – the /usr/bin/security command-line program, which can be run by just about anything that isn’t sandboxed. I can't find any code in the workflow for removing the master password from Keychain. That's a serious omission, imo, but unless you're prepared to enter your master password every time you access a password, a workflow can't avoid storing a master password (or session key if your vault supports them) somewhere because it can't keep it in memory the way an application can. Keychain is the next best option. AFAIK, the only way a workflow can avoid storing any secrets is if it asks a desktop application to do all the actual password handling (the way Alfred's built-in 1Password support works). 12 hours ago, xxyxxyxyx1 said: Currently, if someone obtained both my computer and the admin user password, they could not access my database, since the password is not stored in any way. You're pretty much screwed in that case, anyway. Edited September 6, 2021 by deanishe
lxbrvr Posted September 6, 2021 Author Posted September 6, 2021 @deanishe thank for your reply! 22 minutes ago, deanishe said: I can't find any code in the workflow for removing the master password from Keychain. That's a serious omission, imo There is a workaround for that. You can replace the current password in keychain with a new value: 1. open the workflow settings (by default kp:settings) 2. choose "KeepassXC master password" 3. type any value or leave the text field blank. 4. Press "Continue" But this is still not a removing. I think it's a great idea to let users remove a workflow data from their keychain. Thank you @deanishe! @xxyxxyxyx1 deanishe told you everything right.
deanishe Posted September 6, 2021 Posted September 6, 2021 9 hours ago, lxbrvr said: But this is still not a removing. I think it's a great idea to let users remove a workflow data from their keychain. A "log out" / "lock" action is a must, imo.
lxbrvr Posted September 25, 2021 Author Posted September 25, 2021 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/1.1.0/keepassxc-1.1.0.alfredworkflow Changes Added Add the ability to manually remove the master password from a keychain. Add automatic removal of the master password from a keychain after using "reset" and "init" commands. Show an error message when trying to configure a master password without configured a keychain service or keychain account. Remove an existing keychain record if the keychain name or the keychain service name has been changed in the settings. Changed Change the names of the settings to be more informative Improve informativeness in dialog boxes.
TheThunderChimp Posted January 11, 2022 Posted January 11, 2022 Thanks for this lxbrvr. I'm trying to select the .kdbx database file, but for some reason it won't let me, the files are greyed out (see below). Strangely enough, I have the exact same problem when trying to set up the other KeePassXC workflow (by angoll).
lxbrvr Posted January 15, 2022 Author Posted January 15, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/1.2.0/keepassxc-1.2.0.alfredworkflow Changes Added Automatically paste entry attributes to front most app with Command ⌘ + Return ↵. Changed Log error to stderr after fail result of security and keepassxc-cli tools. Allow choosing a KeepassXC database with any file extension.
lxbrvr Posted January 15, 2022 Author Posted January 15, 2022 @TheThunderChimp Sorry for the late response and thanks for your feedback! Please use version 1.2.0. In this version you can choose a file with any extension.
lxbrvr Posted March 24, 2022 Author Posted March 24, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.0.0/keepassxc-2.0.0.alfredworkflow 2.0.0 - 2022-03-24 Added Python 3 support. Allow python interpreter selection in the settings. Check python interpreter before executing python commands. Don't reset alfred keyword and python path after resetting during express initialization. Changed Styling of README.md Simplify the usage section in README.md Removed Python 2 support.
lxbrvr Posted April 13, 2022 Author Posted April 13, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.1.0/keepassxc-2.1.0.alfredworkflow 2.1.0 - 2022-04-10 Added KeepassXC 2.7 support. Link to search instruction to README.md. Check KeepassXC CLI before executing commands. TOTP request for KeepassXC entries. Changed Requirements for KeepassXC version in README.md. Removed Support for KeepassXC versions before 2.7.
lxbrvr Posted July 3, 2022 Author Posted July 3, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.2.0/keepassxc-2.2.0.alfredworkflow 2.2.0 - 2022-07-03 Added Clipboard timeout. Show note details in full text with Opt ⌥ + Return ↵. Request to check for workflow updates. Open url in default browser with Opt ⌥ + Return ↵
MaXi32 Posted November 17 Posted November 17 What KeepassXC CLI version should I use? I'm using this version keepassxc-cli -v 2.7.9 But I keep getting the following error message
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now