Jump to content

Recommended Posts

Description 

 

Workflow for fetching KeepassXC entries and their attributes.

 

Demo

 

demo.gif

 

Workflow page

 

https://github.com/lxbrvr/alfred-keepassxc-workflow

 

Features

  • Search KeepassXC entries.
  • Copy different entry attributes. It includes title, username, password, url, notes.
  • Request TOTP for KeepassXC entries.
  • Comfortable configuration using Alfred's UI and MacOS modal windows
  • There are different settings for displaying KeepassXC data in Alfred. For example, you can show KeepassXC attributes which you want. Or you can hide values displaying for KeepassXC attributes etc. You can know more about it below.
  • It works with KeepassXC key files
  • It saves your KeepassXC master password to OSX Keychain.
  • No dependencies. Only Alfred and KeepassXC.
  • Automatically paste entry attributes to front most app.
  • Open urls in default browser.
  • Clipboard timeout.

 

Download

 

https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.2.0/keepassxc-2.2.0.alfredworkflow

 

Usage

 

Initialization

 

Call Alfred, type kp or type kp:init and select "Express initialization". It'll ask you about KeepassXC database, KeepassXC key file and KeepassXC master password.

 

Search KeepassXC entries

  1. Call Alfred and type kp <desired KeepassXC entry name>. For example kp google. It'll show found entries.
  2. Select some entry. It'll show entry attribute names. For example title, username, password etc.
  3. Select the attribute name. An attribute value will be copied to clipboard.

 

Changelog

 

2.2.0 - 2022-07-03

 

Added

  • Clipboard timeout.
  • Show note details in full text with Opt ⌥ + Return ↵.
  • Request to check for workflow updates.
  • Open url in default browser with Opt ⌥ + Return ↵

 

2.1.0 - 2022-04-10

 

Added

  • KeepassXC 2.7 support.
  • Link to search instruction to README.md.
  • Check KeepassXC CLI before executing commands.
  • TOTP request for KeepassXC entries.

Changed

  • Requirements for KeepassXC version in README.md.

Removed

  • Support for KeepassXC versions before 2.7.

 

2.0.0 - 2022-03-24

 

Added

  • Python 3 support.
  • Allow python interpreter selection in the settings.
  • Check python interpreter before executing python commands.
  • Don't reset alfred keyword and python path after resetting during express initialization.

Changed

  • Styling of README.md
  • Simplify the usage section in README.md

Removed

  • Python 2 support.

 

1.2.0 - 2022-01-15

 

Added

  • Automatically paste entry attributes to front most app with Command ⌘ + Return ↵.

Changed

  • Log error to stderr after fail result of security and keepassxc-cli tools.
  • Allow choosing a KeepassXC database with any file extension.

 

1.1.0 - 2021-09-25

 

Added

  • Add the ability to manually remove the master password from a keychain.
  • Add automatic removal of the master password from a keychain after using "reset" and "init" commands.
  • Show an error message when trying to configure a master password without configured a keychain service or keychain account.
  • Remove an existing keychain record if the keychain name or the keychain service name has been changed in the settings.

Changed

  • Change the names of the settings to be more informative
  • Improve informativeness in dialog boxes.

 

1.0.0 - 2021-08-16

 

Added

  • First release
Edited by lxbrvr
Link to comment
  • 2 weeks later...
  • 2 weeks later...

Thank you for posting this workflow. 

 

Could you perhaps describe how the master password is stored, and comment on the security? I am sorry I'm not enough of a programmer to figure it out myself. 

 

Currently, if someone obtained both my computer and the admin user password, they could not access my database, since the password is not stored in any way. 

Edited by xxyxxyxyx1
Link to comment
12 hours ago, xxyxxyxyx1 said:

Could you perhaps describe how the master password is stored, and comment on the security?

 

It says right there in the description that the master password is stored in your Keychain.

 

This is not particularly secure, as the password is stored by – and therefore accessible to – the /usr/bin/security command-line program, which can be run by just about anything that isn’t sandboxed. I can't find any code in the workflow for removing the master password from Keychain. That's a serious omission, imo, but unless you're prepared to enter your master password every time you access a password, a workflow can't avoid storing a master password (or session key if your vault supports them) somewhere because it can't keep it in memory the way an application can. Keychain is the next best option.

 

AFAIK, the only way a workflow can avoid storing any secrets is if it asks a desktop application to do all the actual password handling (the way Alfred's built-in 1Password support works).

 

12 hours ago, xxyxxyxyx1 said:

Currently, if someone obtained both my computer and the admin user password, they could not access my database, since the password is not stored in any way.

 

You're pretty much screwed in that case, anyway.

Edited by deanishe
Link to comment

@deanishe thank for your reply!

 

22 minutes ago, deanishe said:

I can't find any code in the workflow for removing the master password from Keychain. That's a serious omission, imo

 

There is a workaround for that. You can replace the current password in keychain with a new value: 

 

1. open the workflow settings (by default kp:settings)

2. choose "KeepassXC master password"

3. type any value or leave the text field blank.

4. Press "Continue"

 

But this is still not a removing. I think it's a great idea to let users remove a workflow data from their keychain. Thank you @deanishe!

 

@xxyxxyxyx1 deanishe told you everything right.

 

Link to comment

New version!

 

Download

 

https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/1.1.0/keepassxc-1.1.0.alfredworkflow

 

Changes

 

Added

  • Add the ability to manually remove the master password from a keychain.
  • Add automatic removal of the master password from a keychain after using "reset" and "init" commands.
  • Show an error message when trying to configure a master password without configured a keychain service or keychain account.
  • Remove an existing keychain record if the keychain name or the keychain service name has been changed in the settings.

Changed

  • Change the names of the settings to be more informative
  • Improve informativeness in dialog boxes.
Link to comment
  • 3 months later...

New version!

 

Download

 

https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.0.0/keepassxc-2.0.0.alfredworkflow

 

2.0.0 - 2022-03-24

 

Added

  • Python 3 support.
  • Allow python interpreter selection in the settings.
  • Check python interpreter before executing python commands.
  • Don't reset alfred keyword and python path after resetting during express initialization.

Changed

  • Styling of README.md
  • Simplify the usage section in README.md

Removed

  • Python 2 support.
Link to comment

New version!

 

Download

 

https://github.com/lxbrvr/alfred-keepassxc-workflow/releases/download/2.1.0/keepassxc-2.1.0.alfredworkflow

 

2.1.0 - 2022-04-10

 

Added

  • KeepassXC 2.7 support.
  • Link to search instruction to README.md.
  • Check KeepassXC CLI before executing commands.
  • TOTP request for KeepassXC entries.

Changed

  • Requirements for KeepassXC version in README.md.

Removed

  • Support for KeepassXC versions before 2.7.
Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...