lxbrvr Posted August 16, 2021 Share Posted August 16, 2021 (edited) Description Workflow for fetching KeepassXC entries and their attributes. Demo Workflow page https://github.com/lxbrvr/alfred-keepassxc-workflow Features Search KeepassXC entries. Copy different entry attributes. It includes title, username, password, url, notes. Request TOTP for KeepassXC entries. Comfortable configuration using Alfred's UI and MacOS modal windows There are different settings for displaying KeepassXC data in Alfred. For example, you can show KeepassXC attributes which you want. Or you can hide values displaying for KeepassXC attributes etc. You can know more about it below. It works with KeepassXC key files It saves your KeepassXC master password to OSX Keychain. No dependencies. Only Alfred and KeepassXC. Automatically paste entry attributes to front most app. Open urls in default browser. Clipboard timeout. Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.2.0/keepassxc-2.2.0.alfredworkflow Usage Initialization Call Alfred, type kp or type kp:init and select "Express initialization". It'll ask you about KeepassXC database, KeepassXC key file and KeepassXC master password. Search KeepassXC entries Call Alfred and type kp <desired KeepassXC entry name>. For example kp google. It'll show found entries. Select some entry. It'll show entry attribute names. For example title, username, password etc. Select the attribute name. An attribute value will be copied to clipboard. Changelog 2.2.0 - 2022-07-03 Added Clipboard timeout. Show note details in full text with Opt ⌥ + Return ↵. Request to check for workflow updates. Open url in default browser with Opt ⌥ + Return ↵ 2.1.0 - 2022-04-10 Added KeepassXC 2.7 support. Link to search instruction to README.md. Check KeepassXC CLI before executing commands. TOTP request for KeepassXC entries. Changed Requirements for KeepassXC version in README.md. Removed Support for KeepassXC versions before 2.7. 2.0.0 - 2022-03-24 Added Python 3 support. Allow python interpreter selection in the settings. Check python interpreter before executing python commands. Don't reset alfred keyword and python path after resetting during express initialization. Changed Styling of README.md Simplify the usage section in README.md Removed Python 2 support. 1.2.0 - 2022-01-15 Added Automatically paste entry attributes to front most app with Command ⌘ + Return ↵. Changed Log error to stderr after fail result of security and keepassxc-cli tools. Allow choosing a KeepassXC database with any file extension. 1.1.0 - 2021-09-25 Added Add the ability to manually remove the master password from a keychain. Add automatic removal of the master password from a keychain after using "reset" and "init" commands. Show an error message when trying to configure a master password without configured a keychain service or keychain account. Remove an existing keychain record if the keychain name or the keychain service name has been changed in the settings. Changed Change the names of the settings to be more informative Improve informativeness in dialog boxes. 1.0.0 - 2021-08-16 Added First release Edited July 3, 2022 by lxbrvr Link to comment
Phaks Posted August 26, 2021 Share Posted August 26, 2021 Pretty cool, thanks! lxbrvr 1 Link to comment
xxyxxyxyx1 Posted September 6, 2021 Share Posted September 6, 2021 (edited) Thank you for posting this workflow. Could you perhaps describe how the master password is stored, and comment on the security? I am sorry I'm not enough of a programmer to figure it out myself. Currently, if someone obtained both my computer and the admin user password, they could not access my database, since the password is not stored in any way. Edited September 6, 2021 by xxyxxyxyx1 Link to comment
deanishe Posted September 6, 2021 Share Posted September 6, 2021 (edited) 12 hours ago, xxyxxyxyx1 said: Could you perhaps describe how the master password is stored, and comment on the security? It says right there in the description that the master password is stored in your Keychain. This is not particularly secure, as the password is stored by – and therefore accessible to – the /usr/bin/security command-line program, which can be run by just about anything that isn’t sandboxed. I can't find any code in the workflow for removing the master password from Keychain. That's a serious omission, imo, but unless you're prepared to enter your master password every time you access a password, a workflow can't avoid storing a master password (or session key if your vault supports them) somewhere because it can't keep it in memory the way an application can. Keychain is the next best option. AFAIK, the only way a workflow can avoid storing any secrets is if it asks a desktop application to do all the actual password handling (the way Alfred's built-in 1Password support works). 12 hours ago, xxyxxyxyx1 said: Currently, if someone obtained both my computer and the admin user password, they could not access my database, since the password is not stored in any way. You're pretty much screwed in that case, anyway. Edited September 6, 2021 by deanishe Link to comment
lxbrvr Posted September 6, 2021 Author Share Posted September 6, 2021 @deanishe thank for your reply! 22 minutes ago, deanishe said: I can't find any code in the workflow for removing the master password from Keychain. That's a serious omission, imo There is a workaround for that. You can replace the current password in keychain with a new value: 1. open the workflow settings (by default kp:settings) 2. choose "KeepassXC master password" 3. type any value or leave the text field blank. 4. Press "Continue" But this is still not a removing. I think it's a great idea to let users remove a workflow data from their keychain. Thank you @deanishe! @xxyxxyxyx1 deanishe told you everything right. Link to comment
deanishe Posted September 6, 2021 Share Posted September 6, 2021 9 hours ago, lxbrvr said: But this is still not a removing. I think it's a great idea to let users remove a workflow data from their keychain. A "log out" / "lock" action is a must, imo. Link to comment
lxbrvr Posted September 25, 2021 Author Share Posted September 25, 2021 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/1.1.0/keepassxc-1.1.0.alfredworkflow Changes Added Add the ability to manually remove the master password from a keychain. Add automatic removal of the master password from a keychain after using "reset" and "init" commands. Show an error message when trying to configure a master password without configured a keychain service or keychain account. Remove an existing keychain record if the keychain name or the keychain service name has been changed in the settings. Changed Change the names of the settings to be more informative Improve informativeness in dialog boxes. Link to comment
TheThunderChimp Posted January 11, 2022 Share Posted January 11, 2022 Thanks for this lxbrvr. I'm trying to select the .kdbx database file, but for some reason it won't let me, the files are greyed out (see below). Strangely enough, I have the exact same problem when trying to set up the other KeePassXC workflow (by angoll). Link to comment
lxbrvr Posted January 15, 2022 Author Share Posted January 15, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/1.2.0/keepassxc-1.2.0.alfredworkflow Changes Added Automatically paste entry attributes to front most app with Command ⌘ + Return ↵. Changed Log error to stderr after fail result of security and keepassxc-cli tools. Allow choosing a KeepassXC database with any file extension. Link to comment
lxbrvr Posted January 15, 2022 Author Share Posted January 15, 2022 @TheThunderChimp Sorry for the late response and thanks for your feedback! Please use version 1.2.0. In this version you can choose a file with any extension. Link to comment
lxbrvr Posted March 24, 2022 Author Share Posted March 24, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.0.0/keepassxc-2.0.0.alfredworkflow 2.0.0 - 2022-03-24 Added Python 3 support. Allow python interpreter selection in the settings. Check python interpreter before executing python commands. Don't reset alfred keyword and python path after resetting during express initialization. Changed Styling of README.md Simplify the usage section in README.md Removed Python 2 support. Link to comment
lxbrvr Posted April 13, 2022 Author Share Posted April 13, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.1.0/keepassxc-2.1.0.alfredworkflow 2.1.0 - 2022-04-10 Added KeepassXC 2.7 support. Link to search instruction to README.md. Check KeepassXC CLI before executing commands. TOTP request for KeepassXC entries. Changed Requirements for KeepassXC version in README.md. Removed Support for KeepassXC versions before 2.7. Link to comment
lxbrvr Posted July 3, 2022 Author Share Posted July 3, 2022 New version! Download https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.2.0/keepassxc-2.2.0.alfredworkflow 2.2.0 - 2022-07-03 Added Clipboard timeout. Show note details in full text with Opt ⌥ + Return ↵. Request to check for workflow updates. Open url in default browser with Opt ⌥ + Return ↵ Link to comment
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now